04-04-2006 08:56 AM - edited 02-21-2020 12:49 AM
I am getting Denys with a no connection error listed. The error lines are (the IPs have been changed to protect the innocent):
Apr 04 2006 11:47:19 nybetbpc001-p01 : %PIX-6-106015: Deny TCP (no connection) from 110.x.x.36/9488 to 110.x.x.114/2381 flags SYN ACK on
interface outside
Apr 04 2006 11:47:22 nybetbpc001-p01 : %PIX-6-106015: Deny TCP (no connection) from 110.x.x.36/9488 to 110.x.x.114/2381 flags ACK on inte
rface outside
Apr 04 2006 11:47:22 nybetbpc001-p01 : %PIX-6-106015: Deny TCP (no connection) from 110.x1.x.36/9488 to 110.x.x.114/2381 flags SYN ACK on
interface outside
Apr 04 2006 11:47:28 nybetbpc001-p01 : %PIX-6-106015: Deny TCP (no connection) from 110.x.x.36/9488 to 110.x.x.114/2381 flags ACK on inte
rface outside
Apr 04 2006 11:47:28 nybetbpc001-p01 : %PIX-6-106015: Deny TCP (no connection) from 110.x.x.36/9488 to 110.x.x.114/2381 flags SYN ACK on
interface outside
I have added static statements and done all I can think of to clear this and allow the connects. I have opened up the acls to permit IP since this is an internal development device. Can anyone give me a line to follow?
Thanks,
Jerry
04-11-2006 10:16 AM
This message is logged when the firewall discards a TCP packet that has no associated connection in the firewall unit's connection table. The firewall looks for a SYN flag in the packet, which indicates a request to establish a new connection. If the SYN flag is not set, and there is not an existing connection, the firewall discards the packet.
In some instances if the connection timesout after a little bit but the application still thinks that its up then we can change the Default connection timeout through the PIX to something higher then the default of One hour.
04-13-2006 10:03 AM
I believe there is a bug on this. Check out some earlier posts on similar issues.
I believe the bug ID is CSCef38784.
DC
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide