Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
373
Views
0
Helpful
1
Replies

connection with Uf flags when server crash

r.spiandorello
Level 1
Level 1

‎03-30-2006 12:42 AM - edited ‎03-09-2019 02:27 PM

Hi, pix or asa 7.0(4) version.

After a server crash event, a client send a fin packet and the connection moves to Uf flags state in the show conn.

After the server has been restored the connection is still present on the show conn and the only way to remove it is the clear local-host command on the pix.

It seems that the connection with Uf follow the timeout conn settings and there's no way to use the half-closed timeout to speed-up the conn automatic removing.

Could you help me ?

thank you in advance

Labels:
0 Helpful
1 Reply 1

smalkeric
Level 6
Level 6

‎04-05-2006 07:10 AM

The reason why you are seeing the flags with parameters is pix is trying to build up session table. Let me give you another example.

Inside: Outside Flags

----------------------------------

SYN --> saA

<-- SYN + ACK A

ACK --> U

<-- Data UI

Data --> UIO

FIN --> Uf

<-- FIN + ACK UfFR

ACK --> UfFRr

I hope this answer your question.

0 Helpful
Customers Also Viewed These Support Documents