Hi there,
I have a couple of questions regarding Reset-I and Reset-O messages on the Cisco ASA. I read a document that Reset-I will appear on the ASA if the inside host resets the connection, but what denotes an 'Inside' host? Is the inside host determined based on the context of the connection? for example If a host on the internet initiated a connection to a host in the DMZ, and the internet host sent the reset would this be logged as a 'Reset-I' because although the host was on the internet it was the side initiating the connection.
Also.. the same document said that the Reset was sent to the ASA as an indication to drop the connection, but the hosts wouldnt know about the ASA, so isnt the reset actually sent to the host with which they are communicating?
Last question - What would actually cause a connection to be reset, as it says resets are sent after the TCP connection has been established.