In a network environment, all services are working correctly without any problem. But somehow the device always shows "abnormal TCP flag" attack. Why does the device show these logs? How to avoid this situation?
This log is coming from clients sending some packets with wrong TCP flags. (It usually happens when Mac OS/iOS clients are connected.)
The device drops these abnormal packets and record them.
You can use the CLI command to disable this detection.
Router# configure terminal
Router(config)# secure-policy abnormal_tcp_flag_detect deactivate
For other cases, in which traffic is not forwarded correctly, please collect information such as the graphical topology and step into contact with our support team!