|
If the TCP sequence verifier is disabled, "Reset" packets are not fully trusted during the TCP end timeout, new attempts to establish TCP connections using the same TCP details will generate the above log. "same TCP details" means that the new SYN attempt is using the same src port and IP and same dst port and IP of a connection that may still be in the connections table, (TCP end timeout in the stateful inspection global properties section).
Therefore another way to reduce the
number of these warnings in the log viewer is to lower the TCP timeout in
the stateful inspection section of the global properties.
Added 10TH Feb 2003 Jim Parker |