Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2996
Views
0
Helpful
1
Replies

Deny tcp src outside: Error

achavez@indianpueblo.com
Level 1
Level 1

‎07-12-2019 02:02 PM

Hi Guy's!

I have an issue I need some help with. In the log files we keep getting Deny tcp src outside:  when this happens we are unable to receive some emails.  I have attached a screen shot.  Any help would be appreciated!  

 

Thank you!

 

%ASA-4-106023: Deny protocol src 
[interface_name:source_address/source_port] [([idfw_user|FQDN_string], sg_info)] 
dst interface_name:dest_address/dest_port [([idfw_user|FQDN_string], sg_info)] 
[type {string}, code {code}] by access_group acl_ID [0x8ed66b60, 0xf8852875]

A real IP packet was denied by the ACL. This message appears even if you do not have the log option enabled for an ACL. The IP address is the real IP address instead of the values that display through NAT. Both user identity information and FQDN information is provided for the IP addresses if a matched one is found. The ASA logs either identity information (domain\user) or FQDN (if the username is not available). If the identity information or FQDN is available, the ASA logs this information for both the source and destination.

1 person had this problem
Labels:
Preview file
122 KB
0 Helpful
1 Reply 1

Francesco Molino
VIP Alumni
VIP Alumni

‎07-13-2019 07:47 PM

Hi

Can you show your acl outside_in and if you're using objects please share them as well to be able to read it.

Can you share also the nat config for this machine 10.10.0.6?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card