tariqmansoor
asked on
TCP packets passes from Access List but drops due to TCP reset
HI Team,
I have a challenging Issue here, We have a source trying to connect to the Server in the inside network.
Source: 10.11.5.173 ( WYSE TERMINAL), Destination : 10.10.10.170
As source has problem in connecting to the server, i ran the Firewall debugs and collected the following debugs, the same source conencts to another server on the same network fine, and that pretty much rules out the issue with the Firewall Blocking the connection over all, But i want to get tehse following debug meesageges deciphered so that i can get an indication whether it is caused by the Server inside the network and not the Firewall.
Syslog ID: Message
302013 Built inbound TCP connection for Outside:10.11.5.73/2332 (10.11.5.173/2332) to inside:10.10.10.70 /1494 ( 10.10.10.70/1494)
30214 Teardown TCP connection for Outside:10.11.5.73/2332 (10.11.5.173/2332) to inside:10.10.10.70 /1494 ( 10.10.10.70/1494) 0:00:00 bytes 3058 TCP Reset-I
106015 Deny TCP (no connection) from 10.11.5.173/2332 to 10.10.10.70/1494 flags FIN ACK on interface outside
an Urgent help will be greatly appriciated
Thanks Team,
I have a challenging Issue here, We have a source trying to connect to the Server in the inside network.
Source: 10.11.5.173 ( WYSE TERMINAL), Destination : 10.10.10.170
As source has problem in connecting to the server, i ran the Firewall debugs and collected the following debugs, the same source conencts to another server on the same network fine, and that pretty much rules out the issue with the Firewall Blocking the connection over all, But i want to get tehse following debug meesageges deciphered so that i can get an indication whether it is caused by the Server inside the network and not the Firewall.
Syslog ID: Message
302013 Built inbound TCP connection for Outside:10.11.5.73/2332 (10.11.5.173/2332) to inside:10.10.10.70 /1494 ( 10.10.10.70/1494)
30214 Teardown TCP connection for Outside:10.11.5.73/2332 (10.11.5.173/2332) to inside:10.10.10.70 /1494 ( 10.10.10.70/1494) 0:00:00 bytes 3058 TCP Reset-I
106015 Deny TCP (no connection) from 10.11.5.173/2332 to 10.10.10.70/1494 flags FIN ACK on interface outside
an Urgent help will be greatly appriciated
Thanks Team,
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Attached Link was quite Helpful for getting more insight to Firewall Handiling of Packtet and generating related Logs
Regards