Daniel Rose wrote:
> SQUID (linux kernel 2.6.18.xxx) Sends a spoofed ACK 'from' WWWHOST to CLIENT.
>
> The spoofed ACK never arrives at the CLIENT. CLIENT just sends 3 SYNs and times out. I assume it's dropped by the firewall, but I can't get 'debug ip packet' or similar commands to work on the ASA 5520 to verify this, but it's pretty clear since it never arrives on the client (I used wireshark).
>
Have you tried turning up the logging level and seeing what the asa is
doing? My money is on it dropping your packets.
Adjust logging to "errors" if you're getting to much log data.
# conf t
(config)# logging asdm warnings
# sh logging asdm
-- Tony Dodd, Systems Administrator Last.fm | http://www.last.fm Karen House 1-11 Baches Street London N1 6DL check out my music taste at: http://www.last.fm/user/hawkeviperReceived on Thu Dec 20 2007 - 20:37:48 MST
This archive was generated by hypermail pre-2.1.9 : Tue Jan 01 2008 - 12:00:02 MST