Hey guys,
I'm experiencing some kind of weird behavior on my ASA 5520 (8.3.1).
I have a customer that needs to access an inside webserver of mine.
I've created a rule in the proper ACL permitting another range of their addresses to access the web server.
I can see the SYN packet being permitted, the ACL's counter increases, and... the SYN/ACK being denied by the firewall!!!
Look at the log...
6|Sep 17 2014|16:29:29|302013|172.40.36.20|3154|10.171.3.139|80|Built outbound TCP connection 1075586687 for vlan5:10.171.3.139/80 (10.171.3.139/80) to vlan155:172.40.36.20/3154 (172.40.36.20/3154)
2|Sep 17 2014|16:29:29|106001|10.171.3.139|80|172.40.36.20|3154|Inbound TCP connection denied from 10.171.3.139/80 to 172.40.36.20/3154 flags SYN ACK on interface vlan155
2|Sep 17 2014|16:29:32|106001|10.171.3.139|80|172.40.36.20|3154|Inbound TCP connection denied from 10.171.3.139/80 to 172.40.36.20/3154 flags SYN ACK on interface vlan155
2|Sep 17 2014|16:29:38|106001|10.171.3.139|80|172.40.36.20|3154|Inbound TCP connection denied from 10.171.3.139/80 to 172.40.36.20/3154 flags SYN ACK on interface vlan155
Also, we don't use NAT for those IPs.
Anyone?
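
Added example, not part of the original post: a small Python parser for the pipe-delimited log lines above that pairs each 106001 deny with the 302013 connection built for the same endpoints and reports when the denied packet arrived on a different interface than the one the connection entry recorded for its source. The function name and the output field names are assumptions made for this illustration.

```python
import re

# Constructed sample: the log lines from the post, same pipe-delimited layout
# (severity|date|time|message id|src|sport|dst|dport|text).
SAMPLE = """\
6|Sep 17 2014|16:29:29|302013|172.40.36.20|3154|10.171.3.139|80|Built outbound TCP connection 1075586687 for vlan5:10.171.3.139/80 (10.171.3.139/80) to vlan155:172.40.36.20/3154 (172.40.36.20/3154)
2|Sep 17 2014|16:29:29|106001|10.171.3.139|80|172.40.36.20|3154|Inbound TCP connection denied from 10.171.3.139/80 to 172.40.36.20/3154 flags SYN ACK on interface vlan155
2|Sep 17 2014|16:29:32|106001|10.171.3.139|80|172.40.36.20|3154|Inbound TCP connection denied from 10.171.3.139/80 to 172.40.36.20/3154 flags SYN ACK on interface vlan155
2|Sep 17 2014|16:29:38|106001|10.171.3.139|80|172.40.36.20|3154|Inbound TCP connection denied from 10.171.3.139/80 to 172.40.36.20/3154 flags SYN ACK on interface vlan155
"""

# 302013: "Built ... for ifA:ip/port (mapped) to ifB:ip/port (mapped)"
BUILT = re.compile(r"Built (?:inbound|outbound) TCP connection (\d+) for "
                   r"(\S+?):([\d.]+)/(\d+) \(\S+\) to (\S+?):([\d.]+)/(\d+)")
# 106001: "... denied from ip/port to ip/port flags <flags> on interface <if>"
DENY = re.compile(r"Inbound TCP connection denied from ([\d.]+)/(\d+) to "
                  r"([\d.]+)/(\d+) flags (.+?) on interface (\S+)")

def find_interface_mismatches(log_text):
    """Return denies whose packet arrived on an interface other than the one
    the matching connection entry recorded for the packet's source."""
    expected = {}   # (src ip, src port, dst ip, dst port) -> (interface, conn id)
    findings = []
    for line in log_text.splitlines():
        fields = line.split("|", 8)
        if len(fields) < 9:
            continue  # not a full pipe-delimited record
        msg_id, text = fields[3], fields[8]
        if msg_id == "302013" and (m := BUILT.search(text)):
            conn, if_a, ip_a, port_a, if_b, ip_b, port_b = m.groups()
            # Record, for each direction, the interface the sender sits behind.
            expected[(ip_a, port_a, ip_b, port_b)] = (if_a, conn)
            expected[(ip_b, port_b, ip_a, port_a)] = (if_b, conn)
        elif msg_id == "106001" and (m := DENY.search(text)):
            src, sport, dst, dport, flags, arrived = m.groups()
            hit = expected.get((src, sport, dst, dport))
            if hit and hit[0] != arrived:
                findings.append({"conn": hit[1], "src": f"{src}/{sport}",
                                 "flags": flags, "expected_if": hit[0],
                                 "arrived_if": arrived})
    return findings

if __name__ == "__main__":
    for f in find_interface_mismatches(SAMPLE):
        print(f)
```

On the lines from the post, each of the three denies is reported: the connection entry places 10.171.3.139 behind vlan5, while the SYN ACK from that address arrived on vlan155.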