"Built inbound TCP connection from external 10.26.X.X/56900 to zone116 10.92.Y.Y/22" means the connection has gone through the firewall. By system default the timeout for TCP is:
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 sctp 0:02:00 icmp 0:00:02
The teardown TCP connection log message in this case indicates that the connection timed out because the remote end didn't reply to the user's attempt to form the TCP 22/SSH connection.
Deny TCP (no connection ) from 10.92.Y.Y/22 to 10.26.X.X/56899 flags SYN ACK on interface zone116
So for the TCP 3-way handshake, it should be as follows:
SYN: Outside --> Inside
SYN-ACK: Inside --> Outside
ACK: Outside --> Inside
From the logs, here is instead what happens:
SYN: Outside --> Inside
SYN-ACK: Outside --> Inside
Hence the ASA is dropping the connection. The SYN-ACK packet is actually received on the outside interface instead of the inside interface, as it should be.
Here is how it goes:
- The ASA receives the SYN and places it in the connection table.
- If the ASA does not receive the SYN-ACK packet within 30 seconds, it will clear that particular connection.
- So if the SYN-ACK packet arrives at the ASA after the default timeout of 30 seconds, you will receive that "no TCP connection found" error message.
By default, the TCP incomplete timeout is 30 seconds.
Make sure the NAT rule/ACL for the DMZ server and the routing are in place.
Hope this helps you.
Please do not forget to rate.
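As an added example (not from the post above), the following script applies the two explanations given there, a SYN-ACK arriving on the wrong interface and a SYN-ACK arriving after the 30-second half-open timeout, to a constructed log excerpt written in the simplified shape the post quotes; the timestamps, addresses and interface names are assumed sample values, not real ASA output.

```python
import re
from datetime import datetime

# Constructed sample lines in the shape quoted in the post (not real ASA output).
SAMPLE_LOG = """\
2024-01-01 10:00:00 Built inbound TCP connection from external 10.26.0.5/56900 to zone116 10.92.0.9/22
2024-01-01 10:00:01 Deny TCP (no connection) from 10.92.0.9/22 to 10.26.0.5/56900 flags SYN ACK on interface external
2024-01-01 10:01:00 Built inbound TCP connection from external 10.26.0.6/56901 to zone116 10.92.0.9/22
2024-01-01 10:01:45 Deny TCP (no connection) from 10.92.0.9/22 to 10.26.0.6/56901 flags SYN ACK on interface zone116
"""

BUILT_RE = re.compile(r"^(\S+ \S+) Built inbound TCP connection from (\S+) (\S+) to (\S+) (\S+)$")
DENY_RE = re.compile(r"^(\S+ \S+) Deny TCP \(no connection\) from (\S+) to (\S+) flags SYN ACK on interface (\S+)$")
EMBRYONIC_TIMEOUT = 30  # default ASA timeout for a half-open TCP connection, as stated in the post


def _ts(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M:%S")


def classify_syn_ack_denies(log_text):
    """Match each SYN-ACK 'Deny TCP (no connection)' to the Built line of the same flow and say why it was dropped."""
    syns = {}      # (client, server) -> (SYN timestamp, interface the SYN came in on, interface it went out on)
    results = []   # [((client, server), reason), ...]
    for line in log_text.splitlines():
        m = BUILT_RE.match(line)
        if m:
            ts, client_if, client, server_if, server = m.groups()
            syns[(client, server)] = (_ts(ts), client_if, server_if)
            continue
        m = DENY_RE.match(line)
        if not m:
            continue
        ts, server, client, iface = m.groups()
        key = (client, server)
        if key not in syns:
            results.append((key, "no matching SYN seen"))
            continue
        syn_ts, client_if, server_if = syns[key]
        age = (_ts(ts) - syn_ts).total_seconds()
        if iface == client_if:
            # The reply came back through the interface the SYN entered on: asymmetric routing / NAT or ACL issue.
            reason = "asymmetric routing: SYN-ACK arrived on %s instead of %s" % (client_if, server_if)
        elif age > EMBRYONIC_TIMEOUT:
            # The ASA had already cleared the half-open connection, so the reply matches nothing in the table.
            reason = "embryonic timeout: SYN-ACK arrived %ds after the SYN (limit %ds)" % (age, EMBRYONIC_TIMEOUT)
        else:
            reason = "unexplained by interface or timeout"
        results.append((key, reason))
    return results
```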