Strange PIX behavior

Hi, I recently saw a strange behavior on my PIX v 6.2.(4).

We get hundreds of the following message in the space of a few seconds:

%PIX-6-106015: Deny TCP (no connection) from /25 to /4739 flags ACK on interface inside

The problem totally swamped our internet connection, and rebooting our mail server did not help. Finally we rebooted the PIX, and it was fine afterwards; it has never happened since.

Has anyone seen this behavior? I'm wondering if there is a known PIX bug associated with this.

centaury_utopian

%PIX-6-106015: Deny TCP (no connection) from IP_address/port to IP_address/port flags tcp_flags on interface interface_name.

This message is logged when the firewall discards a TCP packet that has no associated connection in the firewall unit's connection table.

The firewall looks for a SYN flag in the packet, which indicates a request to establish a new connection.

If the SYN flag is not set, and there is not an existing connection, the firewall discards the packet.

--------------------------------

Cisco Recommended Action: None required unless the firewall receives a large volume of these invalid TCP packets.

If this is the case, trace the packets to the source and determine the reason these packets were sent.

Release Notes for the Cisco Secure PIX Firewall Version 5.1(1)

Hope this helps.

Brad Reese BradReese.Com - Cisco Jobs

Hendersonville Road, Suite 17 Asheville, North Carolina USA 28803 USA & Canada: 877-549-2680 International: 828-277-7272 Fax: 775-254-3558 AIM: R2MGrant BradReese.Com - Cisco CraigsList Jobs

www.BradReese.Com
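As an added example (not part of either post, and not Cisco's code), one way to follow the recommended action of tracing a large volume of 106015 denies back to its source is to count them per source in a sliding time window. The ISO-8601 timestamp prefix, the function names, the window and threshold values, and the sample addresses are assumptions made for this sketch.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Message body as quoted in the thread. The leading ISO-8601 timestamp is an
# assumption about what the syslog collector prepends to each line.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) .*%PIX-6-106015: Deny TCP \(no connection\) "
    r"from (?P<src>[\d.]+)/(?P<sport>\d+) to (?P<dst>[\d.]+)/(?P<dport>\d+) "
    r"flags (?P<flags>.+?) on interface (?P<ifc>\S+)\s*$")

def find_bursts(lines, window_s=5, threshold=100):
    """Map (src_ip, src_port, interface) -> peak deny count seen in any
    window_s-second window, for sources reaching `threshold`.
    Lines are assumed to be in chronological order."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)        # source key -> timestamps in window
    peaks = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue                   # other message IDs, malformed lines
        ts = datetime.fromisoformat(m["ts"])
        key = (m["src"], int(m["sport"]), m["ifc"])
        q = recent[key]
        q.append(ts)
        while ts - q[0] > window:      # drop entries older than the window
            q.popleft()
        if len(q) >= threshold:
            peaks[key] = max(peaks.get(key, 0), len(q))
    return peaks

def sample_log():
    """Constructed sample data (documentation addresses), not real logs."""
    base = datetime(2004, 3, 12, 10, 15, 0)
    body = ("%PIX-6-106015: Deny TCP (no connection) from {}/{} to {}/{} "
            "flags {} on interface inside")
    burst = [f"{(base + timedelta(milliseconds=10 * i)).isoformat()} "
             + body.format("192.0.2.25", 25, "198.51.100.7", 4739, "ACK")
             for i in range(300)]
    noise = [f"{(base + timedelta(minutes=i)).isoformat()} "
             + body.format("192.0.2.80", 80, "198.51.100.9", 1100 + i, "RST")
             for i in range(3)]
    other = [f"{base.isoformat()} %PIX-6-302013: constructed non-matching line"]
    return burst + noise + other

if __name__ == "__main__":
    for (src, sport, ifc), peak in find_bursts(sample_log()).items():
        print(f"{src}/{sport} on {ifc}: {peak} denies within 5 s")
```

A source that shows up here with port 25 on the inside interface points at the mail server's own replies being dropped, which is where the tracing would start.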
