Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1557
Views
0
Helpful
2
Replies

Outbound Traffic Source Port 80

Bill CARTER
Contributor
Contributor

‎04-16-2013 08:04 AM - edited ‎03-11-2019 06:29 PM

I have a Web server in my DMZ. Periodically the server sends traffic with source tcp/80 and a random destination tcp port. Is this normal?

Labels:
0 Helpful
2 Replies 2

Jouni Forss
Mentor
Mentor

‎04-16-2013 08:10 AM

Hi,

Wouldnt this happen in any situation where the DMZ server is hosting Web/HTTP services to the outside world and someone was connecting to it and loading web page contents?

Do you have any logs capture so share with us of the situation?

- Jouni

0 Helpful

Benjamin Story
Contributor
Contributor

‎04-16-2013 09:10 AM

This sounds like normal behavior as long as there is a packet before the outbound packet from the outside host making a request to your web server on tcp/80.  The random high port is the port the requester will listen on for the reply.  A packet capture using the ASA packet capture wizard will let you see for sure.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents