This step by step guide shows what you can do if an abnormal TCP flag attack is detect.
This issue occurs when the device receives packets with:
(1) ALL TCP flags bit are set at same time.
(2) SYN, FIN bits are set at same time.
(3) SYN, RST bits are set at same time.
(4) FIN, RST bits are set at same time. (usually occurs on the Mac OS)
(5) Only FIN bit is set.
(6) Only PSH bit is set.
(7) Only URG bit is set.
Therefore, the device detects and regards these packets as attacks.
If you are sure these packets are safe, you can log into the device and enter the following CLI commands to disable this detection:
Router(config)# secure-policy abnormal_tcp_flag_detect deactivate
Older models (usg100,200) firmware 3.30 Version =
Router(config)# firewall abnormal_tcp_flag_detect deactivate