Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

TCP packets passes from Access List but drops due to TCP reset

Posted on 2008-10-14
2
Medium Priority
?
1,400 Views
Last Modified: 2012-05-05
HI Team,

I have a challenging Issue here, We have a source trying to connect to the Server in the inside network.
Source: 10.11.5.173 ( WYSE TERMINAL), Destination : 10.10.10.170

As source has problem in connecting to the server, i ran the Firewall debugs and collected the following debugs, the same source conencts to another server on the same network fine, and that pretty much rules out the issue with the Firewall Blocking the connection over all, But i want to get tehse following debug meesageges deciphered so that i can get an indication whether it is caused by the Server inside the network and not the Firewall.

Syslog ID:                                                               Message
302013       Built inbound TCP connection for Outside:10.11.5.73/2332 (10.11.5.173/2332) to inside:10.10.10.70 /1494 ( 10.10.10.70/1494)

30214        Teardown TCP connection for Outside:10.11.5.73/2332 (10.11.5.173/2332) to inside:10.10.10.70 /1494 ( 10.10.10.70/1494) 0:00:00 bytes 3058 TCP Reset-I

106015     Deny TCP (no connection) from 10.11.5.173/2332 to 10.10.10.70/1494 flags FIN ACK on interface outside

an Urgent help will be greatly appriciated

Thanks Team,    
0
Comment
Question by:tariqmansoor
2 Comments
 
LVL 8

Accepted Solution

by:
Jay_Gridley earned 1500 total points
ID: 22718996
Since I was unfamiliar with this log entry I did some digging and found this link that explains the logs entries quite extensively (credit where credit is due):
http://www.firewall.cx/ftopicp-11301.html

I would say that the problem is, as you expected, not on the firewall, but on the server. It seems to not respond to or deny the request. In the logs you see the(embryonic) connection being terminated.

Hope this helps.

JG

0
 

Author Comment

by:tariqmansoor
ID: 22806961
Thanks Team,

Attached Link was quite Helpful for getting more insight to Firewall Handiling of Packtet and generating related Logs

Regards
0

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Let’s face it: one of the reasons your organization chose a SaaS solution (whether Microsoft Dynamics 365, Netsuite or SAP) is that it is subscription-based. The upkeep is done. Or so you think.
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question