Solved

TCP packets passes from Access List but drops due to TCP reset

Posted on 2008-10-14
2
1,356 Views
Last Modified: 2012-05-05
HI Team,

I have a challenging Issue here, We have a source trying to connect to the Server in the inside network.
Source: 10.11.5.173 ( WYSE TERMINAL), Destination : 10.10.10.170

As source has problem in connecting to the server, i ran the Firewall debugs and collected the following debugs, the same source conencts to another server on the same network fine, and that pretty much rules out the issue with the Firewall Blocking the connection over all, But i want to get tehse following debug meesageges deciphered so that i can get an indication whether it is caused by the Server inside the network and not the Firewall.

Syslog ID:                                                               Message
302013       Built inbound TCP connection for Outside:10.11.5.73/2332 (10.11.5.173/2332) to inside:10.10.10.70 /1494 ( 10.10.10.70/1494)

30214        Teardown TCP connection for Outside:10.11.5.73/2332 (10.11.5.173/2332) to inside:10.10.10.70 /1494 ( 10.10.10.70/1494) 0:00:00 bytes 3058 TCP Reset-I

106015     Deny TCP (no connection) from 10.11.5.173/2332 to 10.10.10.70/1494 flags FIN ACK on interface outside

an Urgent help will be greatly appriciated

Thanks Team,    
0
Comment
Question by:tariqmansoor
2 Comments
 
LVL 8

Accepted Solution

by:
Jay_Gridley earned 500 total points
ID: 22718996
Since I was unfamiliar with this log entry I did some digging and found this link that explains the logs entries quite extensively (credit where credit is due):
http://www.firewall.cx/ftopicp-11301.html

I would say that the problem is, as you expected, not on the firewall, but on the server. It seems to not respond to or deny the request. In the logs you see the(embryonic) connection being terminated.

Hope this helps.

JG

0
 

Author Comment

by:tariqmansoor
ID: 22806961
Thanks Team,

Attached Link was quite Helpful for getting more insight to Firewall Handiling of Packtet and generating related Logs

Regards
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question