09-24-2012 08:06 AM - edited 03-11-2019 04:58 PM
Hello all,
I have some problems on my network (invisible printers, unable to access to the server for a short time...) so i decided to look to the log entries on my Asa 5510.
Surprise since my problems started i receive this type of message (severity = 2 Critical) :
106001 Inbound TCP connection denied from 10.65.10.X/56478 to 10.65.10.30/139 flags PSH ACK on interface inside
106001 Inbound TCP connection denied from 10.65.10.X/56478 to 10.65.10.30/139 flags ACK on interface inside
106001 Inbound TCP connection denied from 10.65.10.X/56483 to 10.65.10.30/139 flags SYN on interface inside
106006 Deny inbound UDP from 10.65.10.254/137 to 10.65.10.30/137 on interface inside
The only ACL on this interface is Any to any IP+DNS+ICMP = permit and the implicit any to any ip = deny
Does that look weird to you? Is there something to do to correct these problems?
Many Thanks,
P.S. : 10.65.10.30 is my server. 10.65.10.X = any IP adress on the network. 10.65.10.254 is one of the printer
Solved! Go to Solution.
09-24-2012 09:58 PM
The IP's are on the same subnet?!
So the question is why the asa can see the traffic.
Do you have Proxy arp enabled on inside Interface? If yes Check your Nat statements
Sent from Cisco Technical Support Android App
09-24-2012 09:58 PM
The IP's are on the same subnet?!
So the question is why the asa can see the traffic.
Do you have Proxy arp enabled on inside Interface? If yes Check your Nat statements
Sent from Cisco Technical Support Android App
09-25-2012 12:22 AM
Impresive !
I disabled proxy arp (don't even know why he was there...) and everything worked fine. No more messages in logs and now every connection with printer work perfectly.
Thank you very much Frederic !
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide