Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1384
Views
0
Helpful
3
Replies

Duplicate TCP SYN from INT X.X.X.X

fadimabrouk
Level 1
Level 1

‎03-15-2012 06:00 AM - edited ‎03-11-2019 03:42 PM

Hiii guys,

do anybody can assist me in to fix the issue of the log i'm getting on my ASA firewall

:Duplicate TCP SYN from INT: (MY IP behind ASA) to Outside: (the remote server outside ASA) with differenet initial sequence number

i don't know why this comes even i can see the traffic is reaching the remote server??

please your urgent support is needed

thank you

Fadi

Labels:
0 Helpful
3 Replies 3

Julio Carvajal
VIP Alumni
VIP Alumni

‎03-15-2012 06:07 PM

Hello Fadi,

The question here is why is the host sending incorrect tcp packets ( SYN packest) In this case you will need to work on the host first and see why is doing that. BUT if you want to solve this on the easiest and non-secure way you will need to configure a TCP state bypass rule so the ASA will no longer statefully inspect the TCP connections:

access-list test permit tcp host ip_host_behind_asa host outside_server

class-map test

match access-list test

policy-map global_policy

class test

set connection advanced-options tcp-state-bypass

Do rate all the helpful posts!!

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

fadimabrouk
Level 1
Level 1
In response to Julio Carvajal

‎03-18-2012 03:21 AM

Hello,

sounds to be a soultion, not secure but i will test it.

Thanx

0 Helpful

fadimabrouk
Level 1
Level 1
In response to fadimabrouk

‎04-04-2012 11:03 PM

it's working fine now :-)

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card