01-22-2021 04:49 AM
Hi,
Here 92.168.2.100 is a LAN device, but I have not opened port 6015 on this machine.
<166>Jan 22 2021 08:59:44: %ASA-6-302015: Built outbound UDP connection 1717941741 for Outside:4.4.4.4/8888 (4.4.4.4/8888) to Inside:192.168.2.100/6015 (3.3.3.3/6015)
So how come the ASA built a connection?
Thanks
01-22-2021 05:29 AM - edited 01-22-2021 09:09 AM
...
01-22-2021 08:38 AM
Can you post full Logs of the session to understand better?
01-22-2021 08:55 AM
When a device communicates with a remote system, it dynamically chooses an ephemeral port (n>1024) as the source port in the UDP flow or TCP connection. That's what you are seeing as the source port in the ASA log message.
01-22-2021 09:55 AM - edited 01-22-2021 03:42 PM
First, I'm sorry, I was thinking that it was from inside, not from outside.
Second, which app uses this port 8888?
Let me explain what I know about issues like this.
Some applications open another port, and this port is exchanged in the first message.
For example, FTP will use one port to connect server to client and another port to download.
Here outside sends a message to inside.
Inside sends a message with a new port.
Here the ASA inspects these messages and opens the port according to that.
Outside can now send data to inside, and the port is opened by the ASA.
So check the app for this port, and check whether you have enabled inspection on the ASA for this app.
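The log line from the question, split into its fields, as an added example that is not part of the thread: it reads each endpoint as interface:real address/port followed by the mapped (translated) address/port in parentheses, and applies the n>1024 test from the reply above to the LAN-side port. The function names are hypothetical and the field layout is assumed from the single quoted line.

```python
import re

# Endpoint layout as it appears in the quoted line:
#   <interface>:<real ip>/<real port> (<mapped ip>/<mapped port>)
ENDPOINT = r"([^:\s]+):([\d.]+)/(\d+) \(([\d.]+)/(\d+)\)"
BUILT_UDP = re.compile(
    r"%ASA-6-302015: Built (inbound|outbound) UDP connection (\d+) "
    rf"for {ENDPOINT} to {ENDPOINT}"
)

# Log line copied from the question above.
SAMPLE = ("<166>Jan 22 2021 08:59:44: %ASA-6-302015: Built outbound UDP "
          "connection 1717941741 for Outside:4.4.4.4/8888 (4.4.4.4/8888) "
          "to Inside:192.168.2.100/6015 (3.3.3.3/6015)")

def _endpoint(fields):
    iface, real_ip, real_port, mapped_ip, mapped_port = fields
    real = (real_ip, int(real_port))
    mapped = (mapped_ip, int(mapped_port))
    # NAT is in effect when the mapped pair differs from the real pair.
    return {"interface": iface, "real": real, "mapped": mapped,
            "translated": real != mapped}

def parse_built_udp(line):
    """Return the fields of a 302015 'Built' message, or None if no match."""
    m = BUILT_UDP.search(line)
    if m is None:
        return None
    g = m.groups()
    return {"direction": g[0], "conn_id": int(g[1]),
            "endpoints": [_endpoint(g[2:7]), _endpoint(g[7:12])]}

def endpoint_on(conn, interface):
    """Pick the endpoint logged on the named interface (case-insensitive)."""
    for ep in conn["endpoints"]:
        if ep["interface"].lower() == interface.lower():
            return ep
    return None

def looks_ephemeral(port):
    # Threshold taken from the reply above (n > 1024); hosts differ in practice.
    return port > 1024

if __name__ == "__main__":
    conn = parse_built_udp(SAMPLE)
    inside = endpoint_on(conn, "Inside")
    print(conn["direction"], inside, looks_ephemeral(inside["real"][1]))
```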