ASA deny tcp

imdrizwan · ‎05-06-2020

Hi All,

We have ASA Firewall 8.0 (4) while connecting from client to server, I am receiving the following messages.

There is no tcp-state-bypass from policy-map command in ASA 8.0 (4)

Your support will be highly appreciable.

Thanks much!

192.168.40.20 - Server - Inside interface

192.168.120.30 - Client - Inside interface

ASA-FIREWALL(config)#show log | in 192.168.120.30

May 04 2020 14:37:15: %ASA-7-609001: Built local-host inside:192.168.120.30
May 04 2020 14:37:15: %ASA-6-106015: Deny TCP (no connection) from 192.168.40.20/445 to 192.168.120.30/53259 flags SYN ACK on interface inside
May 04 2020 14:37:15: %ASA-7-609002: Teardown local-host inside:192.168.120.30 duration 0:00:00
May 04 2020 14:37:16: %ASA-7-609001: Built local-host inside:192.168.120.30
May 04 2020 14:37:16: %ASA-6-106015: Deny TCP (no connection) from 192.168.40.20/139 to 192.168.120.30/53260 flags SYN ACK on interface inside
May 04 2020 14:37:16: %ASA-7-609002: Teardown local-host inside:192.168.120.30 duration 0:00:00
May 04 2020 14:37:18: %ASA-7-609001: Built local-host inside:192.168.120.30
May 04 2020 14:37:18: %ASA-6-106015: Deny TCP (no connection) from 192.168.40.20/445 to 192.168.120.30/53259 flags SYN ACK on interface inside
May 04 2020 14:37:18: %ASA-7-609002: Teardown local-host inside:192.168.120.30 duration 0:00:00
May 04 2020 14:37:19: %ASA-7-609001: Built local-host inside:192.168.120.30
May 04 2020 14:37:19: %ASA-6-106015: Deny TCP (no connection) from 192.168.40.20/139 to 192.168.120.30/53260 flags SYN ACK on interface inside
May 04 2020 14:37:19: %ASA-7-609002: Teardown local-host inside:192.168.120.30 duration 0:00:00
May 04 2020 14:37:24: %ASA-7-609001: Built local-host inside:192.168.120.30
May 04 2020 14:37:24: %ASA-6-106015: Deny TCP (no connection) from 192.168.40.20/445 to 192.168.120.30/53259 flags SYN ACK on interface inside
May 04 2020 14:37:24: %ASA-7-609002: Teardown local-host inside:192.168.120.30 duration 0:00:00
May 04 2020 14:37:25: %ASA-7-609001: Built local-host inside:192.168.120.30
May 04 2020 14:37:25: %ASA-6-106015: Deny TCP (no connection) from 192.168.40.20/139 to 192.168.120.30/53260 flags SYN ACK on interface inside
May 04 2020 14:37:25: %ASA-7-609002: Teardown local-host inside:192.168.120.30 duration 0:00:00
May 04 2020 14:37:42: %ASA-7-609001: Built local-host inside:192.168.120.30
May 04 2020 14:37:42: %ASA-6-106015: Deny TCP (no connection) from 192.168.40.20/80 to 192.168.120.30/53266 flags SYN ACK on interface inside
May 04 2020 14:37:42: %ASA-7-609002: Teardown local-host inside:192.168.120.30 duration 0:00:00
May 04 2020 14:37:45: %ASA-7-609001: Built local-host inside:192.168.120.30
May 04 2020 14:37:45: %ASA-6-106015: Deny TCP (no connection) from 192.168.40.20/80 to 192.168.120.30/53266 flags SYN ACK on interface inside
May 04 2020 14:37:45: %ASA-7-609002: Teardown local-host inside:192.168.120.30 duration 0:00:00
May 04 2020 14:37:51: %ASA-7-609001: Built local-host inside:192.168.120.30
May 04 2020 14:37:51: %ASA-6-106015: Deny TCP (no connection) from 192.168.40.20/80 to 192.168.120.30/53266 flags SYN ACK on interface inside
May 04 2020 14:37:51: %ASA-7-609002: Teardown local-host inside:192.168.120.30 duration 0:00:00
ASA-FIREWALL(config)# cap int

31: 14:37:15.349820 192.168.40.20.445 > 192.168.120.30.53259: S 2583024389:2583024389(0) ack 437426451 win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK>
32: 14:37:16.445228 192.168.40.20.139 > 192.168.120.30.53260: S 2682153304:2682153304(0) ack 2565626429 win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK>
33: 14:37:18.355908 192.168.40.20.445 > 192.168.120.30.53259: S 2583024389:2583024389(0) ack 437426451 win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK>
34: 14:37:19.449699 192.168.40.20.139 > 192.168.120.30.53260: S 2682153304:2682153304(0) ack 2565626429 win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK>
35: 14:37:24.354885 192.168.40.20.445 > 192.168.120.30.53259: S 2583024389:2583024389(0) ack 437426451 win 8192 <mss 1460,nop,nop,sackOK>
36: 14:37:25.448676 192.168.40.20.139 > 192.168.120.30.53260: S 2682153304:2682153304(0) ack 2565626429 win 8192 <mss 1460,nop,nop,sackOK>
37: 14:37:42.085292 192.168.40.20.80 > 192.168.120.30.53266: S 1452504951:1452504951(0) ack 704894432 win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK>
38: 14:37:45.095835 192.168.40.20.80 > 192.168.120.30.53266: S 1452504951:1452504951(0) ack 704894432 win 8192 <mss 1460,nop,wscale 8,nop,nop,sackOK>
39: 14:37:51.095942 192.168.40.20.80 > 192.168.120.30.53266: S 1452504951:1452504951(0) ack 704894432 win 8192 <mss 1460,nop,nop,sackOK>