Hey r/networking,
Looking to get a little help interpreting the following syslog message from my ASA firewall, mainly if it's possible to tell from which side the "TCP FIN" was sent first:
Jan 09 09:29:34 CST: %ASA-session-6-302014: Teardown TCP connection 1202854902 for outside:64.x.x.x/11020 to inside:192.168.x.x/57494 duration 2:34:20 bytes 1572060 TCP FINs
These sessions shouldn't be dropping, and I really need to know which end is sending the initial FIN first.
Any help is appreciated.
No comments:
Post a Comment