06-04-2006 09:04 PM
Hi,
Could I have a URL to find explanation for these TCP flags in PIX
TCP out 10.49.50.61:7500 in 10.49.53.230:2723 idle 0:09:18 Bytes 225 flags UfrIO
best regards
06-05-2006 06:10 AM
Do a "show conn detail" command. The output from the pix will add the the following:
FW# s conn det
Flags: A - awaiting inside ACK to SYN, a - awaiting outside ACK to SYN,
B - initial SYN from outside, C - CTIQBE media, D - DNS, d - dump,
E - outside back connection, F - outside FIN, f - inside FIN,
G - group, g - MGCP, H - H.323, h - H.225.0, I - inbound data, i - incomp
lete,
k - Skinny media, M - SMTP data, m - SIP media, O - outbound data,
P - inside back connection, q - SQL*Net data, R - outside acknowledged FI
N,
R - UDP RPC, r - inside acknowledged FIN, S - awaiting inside SYN,
s - awaiting outside SYN, T - SIP, t - SIP transient, U - up
In your case the flags UfrIO means your outside host does not respond to close the connection. Eventualy the connection will time-out and will be dropped by the pix.
A netstat command on hosts (in a DOS prompt) may help you diagnose the problem.
HTH
Mike
08-03-2018 10:57 AM
i think very good explenation:
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: