Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2153
Views
0
Helpful
1
Replies

Firewall tear down of connection

suthomas1
Level 6
Level 6

‎08-01-2009 06:14 AM - edited ‎03-11-2019 09:01 AM

Hi,

I have a query regarding firewalls tearing down the connections.

I was testing one of my webservers, the connection works fine. When i look at logs in firewall for this connection, it shows below:-

|Aug 01 2009 14:13:21|302013: Built inbound TCP connection 12379739847949979872

for VPN:192.168.100.249026 (192.168.100.2/49026) to APP:192.168.200.10/7014 (192.168.200.10/7014)

Aug 01 2009 14:13:23|302014: Teardown TCP connection 12379739847949979839 for

VPN:192.168.100.249026to APP:192.168.200.10/7014 duration 0:00:03 bytes 15106 TCP

FINs

Why does the firewall built & then immediately(within 3 secs) try to break the connection as seen above.But even so , the web page works fine & am able to use it.

Please advise.

Thanks!

Labels:
0 Helpful
1 Reply 1

Kureli Sankar
Cisco Employee
Cisco Employee

‎08-03-2009 07:09 PM

Tear down reason TCP FINs means that the connection was gracefully closed.

You need to collect captures to see exactly what happens and who sends the first fin ack.

Here is the link to the syslog that you are seeing:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/system/message/logmsgs_external_docbase_0900e4b1804ca185_4container_external_docbase_0900e4b1805ba0fa.html#wp1280675

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card