Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3470
Views
5
Helpful
1
Replies

Deny TCP (no connection) flag SYN ACK on interface outside

Go to solution
PhamTuan42019
Level 1
Level 1

‎01-03-2020 09:09 PM

Hi all,

I'm using ASA 5520, and this morning my ASA generate too many log (thousands log), such as:

Deny TCP (no connection) from 192.175.23.38/80 to 103.X.X.109/23518 flags SYN ACK on interface OUTSIDE

Deny TCP (no connection) from 119.209.253.109/7547 to 103.X.X.228/3987 flags SYN ACK on interface OUTSIDE

Deny TCP (no connection) from 87.128.101.69/5060 to 103.X.X.169/43179 flags SYN ACK on interface OUTSIDE

Deny TCP (no connection) from 45.60.133.51/25 to 103.X.X.128/1774 flags SYN ACK on interface OUTSIDE

My DMZ range IP is 103.X.X.0/24, and logs contain many ip in this range, but these ips have not be assigned for any server.

I don't know routing is incorrect or my system is under Syn Attack.

Please give me some suggest for this situation

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
rais
Level 7
Level 7

‎01-04-2020 05:51 AM

If you aren't using any of these IPs you should consider putting a 103.x.x.x/24 null0 route on your border router/firewall.

HTH.

View solution in original post

1 Reply 1

Go to solution
rais
Level 7
Level 7

‎01-04-2020 05:51 AM

If you aren't using any of these IPs you should consider putting a 103.x.x.x/24 null0 route on your border router/firewall.

HTH.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card