This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

FW dropping ACK, RST/ACK & FIN/ACK packets though packets are from valid sessions

Does the ASG function in this manner?

When the firewall receives a TCP RST for an existing session it immediately clears the session from the session table. This means there is no longer a valid session for the TCP RST/ACK to pass through. Hence, the firewall will treat the TCP RST/ACK as a non-SYN first packet and drop it.

Thanks,

Jim

This thread was automatically locked due to age.

Parents

0 JonEtkins over 15 years ago

No performance problems per se, but at least in the early stages I want to keep an eye on the logs for any DNAT services I may have forgotten or missed, and having to plough through all these spurious messages makes that all task the more tedious. Added to which, it bugs me when something just ain't right. [:P]
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 JonEtkins over 15 years ago

No performance problems per se, but at least in the early stages I want to keep an eye on the logs for any DNAT services I may have forgotten or missed, and having to plough through all these spurious messages makes that all task the more tedious. Added to which, it bugs me when something just ain't right. [:P]
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data