Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- 116: 11:31:20.695917 54.67.53.97.443 > 188.188.188.188.11585: FP 2560128298:2560128712(414) ack 2362777837 win 233 <nop,nop,timestamp 246272938 1558888826
- packet-trac input outside tcp 52.216.128.211 https 188.188.188.188 11585
- Phase: 1
- Type: ACCESS-LIST
- Subtype:
- Result: ALLOW
- Config:
- Implicit Rule
- Additional Information:
- MAC Access list
- Phase: 2
- Type: ROUTE-LOOKUP
- Subtype: input
- Result: ALLOW
- Config:
- Additional Information:
- in 188.188.188.188 255.255.255.255 identity
- Phase: 3
- Type: ROUTE-LOOKUP
- Subtype: input
- Result: ALLOW
- Config:
- Additional Information:
- in 0.0.0.0 0.0.0.0 outside
- Phase: 4
- Type: ACCESS-LIST
- Subtype:
- Result: DROP
- Config:
- Implicit Rule
- Additional Information:
- Result:
- input-interface: outside
- input-status: up
- input-line-status: up
- output-interface: NP Identity Ifc
- output-status: up
- output-line-status: up
- Action: drop
- Drop-reason: (acl-drop) Flow is denied by configured rule
- Now, I understand why packets to 188.188.188.188 11585 drop, there is no ACL pointing it to anything, but this appears to be returning traffic to a computer on the LAN, so why is it triggering a drop? This is what my NAT looks like
- object network INSIDE-HOSTS
- subnet 10.10.14.0 255.255.254.0
- nat (inside,outside) dynamic interface
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement