If you see packets dropped on a Cisco ASA and the output is increasing, apparently according to Cisco this is normal as the ASA is processing packets and rejecting whats not part of your firewall rule set.
Cisco Mentions that
“The packets dropped counter in the show interface command output from the Adaptive Security Appliance (ASA) represents all dropped packets on the interface. This counter includes all security related packet drops. It is expected that this counter will always increment on a production ASA. Again, it is normal and expected for the packet dropped counter to increase on a regular basis.” As seen in the following document pdc-show-outputLeave a Comment