A TCP packet was rejected because it has an invalid sequence number or an invalid acknowledgement number.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-27-2014 01:55 PM - edited 03-11-2019 09:00 PM
Dear All,
We have installd cisco ASA 5540 along with AIP-SSM-40 Module as our perimeter device. I was troubleshootig an Microsoft ISA proxy server issue when i found this error message occuring frequently
A TCP packet was rejected because it has an invalid sequence number or an invalid acknowledgement number.
I could see that these error messages appear in the external NIC of my ISA server ( with a private IP) installed inside the LAN. What i want to understand is how to block this message from appearing at the cisco ASA perimeter level. Any help here would be highly appreciated.
- Labels:
-
NGFW Firewalls
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-27-2014 04:04 PM
The log output contains a logging message identifier. You can turn off the individual log message, but I would take reservation in doing so. I would try to make the traffic that is causing the message stop if possible so that if a similar situation happens in the future you get log messages about it.
%ASA-6-XXXXXX <--XXXXXX is the logging message id.
Disable it by:
no logging message XXXXXX
