We help IT Professionals succeed at work.
Get Started

Cisco ASA 5505 - Inbound TCP Connections Denied

2,956 Views
Last Modified: 2012-05-09
Greetings all...

A few days ago, I had a client call with the problem of people not being able to get to the internet, web pages not loading after a while, and random internet drops in general.  After pulling up the ASA 5505 logs, I see nothing but these:

"Inbound TCP connection denied from <outside IP>/80 to <client public ip>/4929 flags PSH ACK on interface outside"

You can substitute PSH ACK with FIN ACK, RST, and FIN PSH ACK.

Anyone know what's causing this?  These errors come from random IP's on the outside but all are from source port 80 or 443;  and they are nearly non-stop.

Any help here would be greatly appreciated.  Thank you!!!
Comment
Watch Question
This problem has been solved!
Unlock 1 Answer and 4 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE