Deny TCP (no connection)

06-19-2002 12:14 PM - edited 03-08-2019 11:02 PM
I have an ACL that allows inbound traffic for TCP port 1026. My syslog server says that the firewall is denying access in.
Deny TCP (no connection) from x.x.x.x/1308 to x.x.x.x/1026 flags PSH ACK on interface outside
This was working fine. Any ideas?
06-19-2002 02:39 PM
The "no connection" usually means that there was a TCP teardown on the NAT session prior to that error. Is there a teardown in your logs?

06-21-2002 04:59 AM
No, there isn't. This was working for about 4 months and now has stopped.
I've opened all incoming TCP, UDP and IP from this host and I still get this error.
Could the remote site have something to do with this?

06-21-2002 06:16 PM
I think the reason that the incoming packet was denied is because, most likely, the packet was part of an established connection and it just arrived out of order or excessively delayed.
Remember that the PIX allows only packets pertaining to an entry in its state table, even with a "permit ip" access list.
Hope that helped ...
Mustafa
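
The check suggested in the thread (look for a teardown of the same flow before the "no connection" deny), as an added example that is not part of any post above. The teardown message layout, the hostname `fw`, the documentation addresses, the year used for timestamps and the `window` parameter are assumptions, and the sample lines are constructed; it also assumes both messages log the same addresses (no translation between them).

```python
import re
from datetime import datetime

# Deny layout as quoted in the thread's first post.
DENY = re.compile(r"Deny TCP \(no connection\) from (\S+)/(\d+) to (\S+)/(\d+) "
                  r"flags (.+?) on interface (\S+)")
# Assumed teardown layout; adjust to what your firewall version actually logs.
TEARDOWN = re.compile(r"Teardown TCP connection \d+ for \w+:(\S+)/(\d+) to \w+:(\S+)/(\d+)")

# Constructed sample syslog lines (RFC 5737 documentation addresses).
SAMPLE = [
    "Jun 21 04:58:01 fw Teardown TCP connection 101 for outside:192.0.2.10/1308 "
    "to inside:198.51.100.5/1026 duration 0:00:30 bytes 512 TCP FINs",
    "Jun 21 04:58:03 fw Deny TCP (no connection) from 192.0.2.10/1308 "
    "to 198.51.100.5/1026 flags PSH ACK on interface outside",
    "Jun 21 04:59:40 fw Deny TCP (no connection) from 192.0.2.10/1311 "
    "to 198.51.100.5/1026 flags PSH ACK on interface outside",
]

def _stamp(line, year=2002):
    # Classic syslog timestamps carry no year, so one is assumed.
    return datetime.strptime(f"{year} {line[:15]}", "%Y %b %d %H:%M:%S")

def correlate(lines, window=300):
    """For each deny, report seconds since a teardown of the same flow (None if not seen)."""
    torn = {}      # both endpoints of a flow -> time of its last logged teardown
    findings = []
    for line in lines:
        if (m := TEARDOWN.search(line)):
            a, ap, b, bp = m.groups()
            torn[frozenset([(a, ap), (b, bp)])] = _stamp(line)
        elif (m := DENY.search(line)):
            src, sp, dst, dp, flags, _iface = m.groups()
            seen = torn.get(frozenset([(src, sp), (dst, dp)]))
            gap = (_stamp(line) - seen).total_seconds() if seen else None
            if gap is not None and not 0 <= gap <= window:
                gap = None   # teardown too old (or out of order) to explain this deny
            findings.append({"flow": f"{src}/{sp} -> {dst}/{dp}",
                             "flags": flags, "after_teardown_s": gap})
    return findings

if __name__ == "__main__":
    for f in correlate(SAMPLE):
        why = ("late packet for a connection already torn down"
               if f["after_teardown_s"] is not None
               else "no teardown logged; state entry missing for another reason")
        print(f["flow"], f["flags"], f["after_teardown_s"], why)
```

A deny with a recent teardown matches the first reply's explanation; a deny with none, as the original poster reports, means the state entry was absent for some other reason and the ACL is not what is dropping the packet.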
