03-16-2006 02:54 PM - edited 03-09-2019 02:17 PM
What do the flags RST and PSH mean? Specifically when the firewall log says:
'Deny TCP connection x.x.x.x/721 to x.x.x.x/515 flags RST PSH'
Thanks
03-17-2006 10:25 AM
Corey
The flag RST is the reset flag. It is used when one participant in a TCP connection wants to immediately stop the connection. Normal termination of TCP connections use the FIN and FIN/ACK exchange to gracefully terminate the connection. The RST is used to abruptly terminate (frequently in response to some error condition).
The flag PSH is to indicate push. It is an indicator that the segment must be sent quckly (rather than waiting for additional data which could result in a more efficient larger segment).
HTH
Rick
01-02-2010 08:18 PM
I am seeing a lot of these messages from clients that are in the DHCP scope of our AnyConnect clients to many of our VMWare clients. Would there be any reason specifically for this that relates to how VMWare handles TCP? I am wondering if it's related to the fact that our VMWare server uses a bunch of physical NICs tied together as a port-channel. Alternatively is there a way to disable this rule for "trusted" or specific source VLANs?
thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide