Document ID: 116007
Updated: Mar 27, 2013
Contributed by Luis Rojas and Jay Johnston, Cisco TAC Engineers.
Contents
Introduction
This document describes the meaning of this teardown message on the Cisco Adaptive Security Appliance: Free the flow created as result of packet injection.
Refer to Cisco Technical Tips Conventions for more information on document conventions.
Q. What does the "Free the flow created as result of packet injection" ASA teardown message mean?
A. This connection teardown message is created due to the packet-tracer injecting a packet into the ASA data path and deleting the connection immediately when it drops the packet at the egress point.
Here is an example of a connection teardown syslog being generated by an ASA:
Mar 07 2013 13:59:16: %ASA-6-302014: Teardown TCP connection 397336 for outside:10.2.2.2/80 to inside:10.36.103.60/12234 duration 0:00:00 bytes 0 Free the flow created as result of packet injectionHere is an example of running the packet tracer feature and checking the local syslog buffer for the teardown reason:
ASA5515-X# packet-tracer input inside tcp 10.36.103.60 12234 10.2.2.2 80 Phase: 1 Type: CAPTURE Subtype: Result: ALLOW Config: Additional Information: MAC Access list Phase: 2 Type: ACCESS-LIST Subtype: Result: ALLOW Config: Implicit Rule Additional Information: MAC Access list Phase: 3 Type: ROUTE-LOOKUP Subtype: input Result: ALLOW Config: Additional Information: in 0.0.0.0 0.0.0.0 outside ASA5515-X# show log | include Free the flow Mar 07 2013 13:59:16: %ASA-6-302014: Teardown TCP connection 397336 for outside:10.2.2.2/80 to inside:10.36.103.60/12234 duration 0:00:00 bytes 0 Free the flow created as result of packet injection ASA5515-X#For more information on this connection teardown message, along with others, refer to Cisco ASA Series Syslog Messages.
For more information about the packet-tracer utility, which is an excellent tool for troubleshooting and verifying the configuration of the ASA, refer to Cisco ASA Series Command Reference.
Related Information
Open a Support Case 
(Requires a Cisco Service Contract.)
Related Cisco Support Community Discussions
The Cisco Support Community is a forum for you to ask and answer questions, share suggestions, and collaborate with your peers.
Refer to Cisco Technical Tips Conventions for information on conventions used in this document.