Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5893
Views
0
Helpful
2
Replies

Cisco ASA Syslog Message 302013

aneesh.kaimal
Level 1
Level 1

‎07-06-2017 06:38 AM - edited ‎03-12-2019 02:39 AM

Hi

Cisco ASA syslog message 302013 (ASA-6-302013: Built inbound TCP connection) does it really means a established TCP connection (after 3 way handshake) or does it mean that just the SYN packet is allowed through the firewall?

Regards,

Aneesh Kaimal

Labels:
0 Helpful
2 Replies 2

Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-06-2017 08:21 AM

I believe it is the inital SYN packet that triggers the syslog message.

You can see further detail of a given connection by checking the flags as described in this document:

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/113602-ptn-113602.html

0 Helpful

rraj1788
Level 1
Level 1

‎06-22-2022 11:04 AM

Hi Aneesh,

 

I have enabled syslog messages to a remote syslog server set to logging level 6 but however I have never seen this events 302013,302014,302015,302016 at my end. Can you let me know how did you get the same configured and is it like by default this events are disabled to log.

 

Regards,

rraj1788

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card