cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
345
Views
0
Helpful
1
Replies

ASA-4-402117: IPSEC: Received a non-IPSec packet (protocol= TCP) from

hi,

on ASAa FW I have zone with two interfaces, one ancrypted and one not. Besause of some routing problems traffic was coming on nonencrypted interface while ASA expected it on encrypted one. As a result I got following syslog

 

%ASA-4-402117: IPSEC: Received a non-IPSec packet (protocol= TCP) from IP_SRC to IP_DEST

Does this message means ASA dropped this traffic from IP_SRC to IP_DEST or let it through? ACL on zone is same for both interfaces

 

Thanks

 

br

1 Reply 1

this meaning peer send encrypt packet not your ASA

check peer

For drop since traffic is tcp then it likely to be drop unless you use tcp bypass in asa.

MHM