06-19-2002 12:14 PM - edited 03-08-2019 11:02 PM
I have an ACL that allows inbound traffic for TCP port 1026. My syslog server says that the firewall is denying access in.
Deny TCP (no connection) from x.x.x.x/1308 to x.x.x.x/1026 flags PSH ACK on interface outside
This was working fine. Any ideas?
06-19-2002 02:39 PM
The "no connection" usually means that there was a TCP teardown on the NAT session prior to that error. Is there a teardown in your logs?
06-21-2002 04:59 AM
No, there isn't. This was working for about 4 months and now has stopped.
I've opened all incoming tcp, udp and ip from this host and I still get this error.
Could the remote site have something to do with this?
06-21-2002 06:16 PM
I think the reason that the incoming packet was denied is because, most likely, the packet was part of an established connection and it just arrived out of order or excessively delayed.
Remember that the PIX allows only packets pertaining to an entry in its state table, even with a "permit ip" access list.
Hope that helped ...
Mustafa
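
The teardown check asked about in this thread can be run over a syslog export. The following is an added example, not code from any poster: it separates "Deny TCP (no connection)" entries that follow a teardown of the same flow from those with no teardown on record. The log lines are constructed, and the timestamp prefix, the Teardown message wording, the 30-second window, and addresses that match across both messages (no NAT rewrite) are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample lines using documentation addresses, not taken from the thread.
# Assumed layout: "YYYY-MM-DD HH:MM:SS " prefix added by the syslog server.
SAMPLE = """\
2002-06-19 12:00:01 %PIX-6-302014: Teardown TCP connection 41 for outside:192.0.2.10/1308 to inside:198.51.100.5/1026 duration 0:04:10 bytes 8812 TCP FINs
2002-06-19 12:00:03 %PIX-6-106015: Deny TCP (no connection) from 192.0.2.10/1308 to 198.51.100.5/1026 flags PSH ACK on interface outside
2002-06-19 12:10:00 %PIX-6-106015: Deny TCP (no connection) from 192.0.2.77/2200 to 198.51.100.5/1026 flags PSH ACK on interface outside
"""

DENY = re.compile(r"Deny TCP \(no connection\) from ([^\s/]+)/(\d+) to ([^\s/]+)/(\d+) "
                  r"flags (.+?) on interface (\S+)")
TEARDOWN = re.compile(r"Teardown TCP connection \d+ for [^\s:]+:([^\s/]+)/(\d+) "
                      r"to [^\s:]+:([^\s/]+)/(\d+) duration")

def flow_key(src, sport, dst, dport):
    # Direction-independent key: a late packet may travel either way on the flow.
    return frozenset({(src, sport), (dst, dport)})

def classify_denies(log_text, window=timedelta(seconds=30)):
    """Return (flow, flags, verdict) for each 'no connection' deny.

    verdict is 'after-teardown' when the same flow was torn down within
    `window` before the deny (late or out-of-order packet), otherwise
    'no-state-entry' (the firewall has no record of this flow ending).
    """
    last_teardown = {}
    results = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts = datetime.strptime(line[:19], "%Y-%m-%d %H:%M:%S")
        m = TEARDOWN.search(line)
        if m:
            last_teardown[flow_key(*m.groups())] = ts
            continue
        m = DENY.search(line)
        if m:
            src, sport, dst, dport, flags, _iface = m.groups()
            torn = last_teardown.get(flow_key(src, sport, dst, dport))
            recent = torn is not None and ts - torn <= window
            verdict = "after-teardown" if recent else "no-state-entry"
            results.append((f"{src}/{sport}->{dst}/{dport}", flags, verdict))
    return results

if __name__ == "__main__":
    for row in classify_denies(SAMPLE):
        print(row)
```

Denies reported as no-state-entry match the situation described in the thread, where no teardown appears in the logs and the packet still finds no entry in the state table.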