Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
593
Views
0
Helpful
0
Comments

Problem Packet Flow through Cisco ASA Firewall

Andrey Litovkin
Level 1
Level 1

‎01-18-2013 08:10 PM - edited ‎03-08-2019 06:47 PM

I have a Cisco ASA 5540 8.2(1), with permit ip any any rules

packet-tracer input inside tcp 10.56.149.129 871 10.40.170.10 3003

show

Phase: 1

Type: FLOW-LOOKUP

Subtype:

Result: ALLOW

Config:

Additional Information:

Found flow with id 1374599592, using existing flow

Result:

input-interface: inside

input-status: up

input-line-status: up

Action: drop

Drop-reason: (acl-drop) Flow is denied by configured rule

if you change the source or destination port, the packet is successfully

clear conn did not help

please tell me how to solve the problem?

Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents