Firewall ASA can't track the operating state of a session

inobody135
Level 1

Hi all and Merry Christmas :)

I have a problem configuring my firewall. The scenario is: I have a couple of machines that contact a syslog server outside the network via UDP. The problem is that when the server responds, it responds on another source port. When it comes to my firewall, it drops the packets because it couldn't track the session, and my machines keep sending the data over and over. Can you help me configure my firewall to allow that? Thank you very much for helping.

Accepted Solutions

Ajay Saini
Level 7

If the port is being changed, the only solution is to open the corresponding port(s) for the traffic coming from the syslog server to the machines using an access-list. For a UDP connection, there is no state, hence the only way the ASA can keep track of a connection is by tracking the IP address and port number.

In this case, please open an access list for the inbound connection as well and it should work.

HTH

-
AJ
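
The behaviour described in the answer above, as an added example that is not part of the original post and is not ASA code: a simplified Python model of a firewall that tracks UDP flows by address and port, showing why a reply from a different source port is dropped and how an inbound access-list entry scoped to the syslog server permits it. The class names, the addresses (documentation ranges) and the port numbers are assumptions constructed for the illustration.

```python
# Simplified model of address/port tracking for UDP (illustration only, not ASA code).
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

@dataclass
class Firewall:
    inbound_acl: list = field(default_factory=list)  # (src_net, dst_net) UDP permits
    conns: set = field(default_factory=set)          # flows created by outbound packets

    def outbound(self, p):
        # Inside -> outside is allowed; record the exact tuple a reply must mirror.
        self.conns.add((p.dst, p.dport, p.src, p.sport))
        return "permit"

    def inbound(self, p):
        # A reply is only recognised if addresses AND ports mirror the request.
        if (p.src, p.sport, p.dst, p.dport) in self.conns:
            return "permit (matches tracked flow)"
        # Otherwise the packet needs an explicit inbound permit.
        for src_net, dst_net in self.inbound_acl:
            if (ip_address(p.src) in ip_network(src_net)
                    and ip_address(p.dst) in ip_network(dst_net)):
                return "permit (inbound ACL)"
        return "drop"

# Constructed sample values, not taken from the post.
CLIENT, SERVER, INSIDE_NET = "192.0.2.10", "203.0.113.5", "192.0.2.0/24"

def demo():
    fw = Firewall()
    fw.outbound(Packet(CLIENT, 40000, SERVER, 514))
    same_port = fw.inbound(Packet(SERVER, 514, CLIENT, 40000))     # mirrored reply
    other_port = fw.inbound(Packet(SERVER, 35001, CLIENT, 40000))  # changed source port
    # Permit only the syslog server towards the inside machines, not "any".
    fw.inbound_acl.append((SERVER + "/32", INSIDE_NET))
    after_acl = fw.inbound(Packet(SERVER, 35001, CLIENT, 40000))
    stranger = fw.inbound(Packet("198.51.100.9", 35001, CLIENT, 40000))
    return same_port, other_port, after_acl, stranger

if __name__ == "__main__":
    print(demo())
```

Keeping the permit limited to the server's address and the inside machines means other outside hosts are still dropped, as the last case shows.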
