%ASA-6-302015

kp-tkr2014 · ‎01-22-2021

Hi ,

Here 92.168.2.100 is a LAN device, but I have not opened the port 6015 port on this machine

<166>Jan 22 2021 08:59:44: %ASA-6-302015: Built outbound UDP connection 1717941741 for Outside:4.4.4.4/8888 (4.4.4.4/8888) to Inside:192.168.2.100/6015 (3.3.3.3/6015)

So how come the ASA build a connection

Thanks

MHM Cisco World · ‎01-22-2021

...

balaji.bandi · ‎01-22-2021

Can you post full Logs of the session to understand better?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Marvin Rhoads · ‎01-22-2021

When a device communicates to a remote system it dynamically chooses an ephemeral port (n>1024) as the source port in the udp flow or tcp connection. That's what you are seeing as the source port in the ASA log message.

MHM Cisco World · ‎01-22-2021

First i sory i was think that it from inisde not from outisde

Second Which app use with this port 8888?

Let explain what i know about such like this issue,

Some application open other port and this port is exchange in first message.

For example ftp will use one port to connect server to cleint and other port to download.

Here ouside send message to inisde,

Inisde send message with new port

Here asa inspect these message and open port according to that.

Outisde now can send data to inisde and port open from asa.

So check app for this port and check if you enable inspection in asa for this app