Solved

TCP packets passes from Access List but drops due to TCP reset

Posted on 2008-10-14
2
1,363 Views
Last Modified: 2012-05-05
HI Team,

I have a challenging Issue here, We have a source trying to connect to the Server in the inside network.
Source: 10.11.5.173 ( WYSE TERMINAL), Destination : 10.10.10.170

As source has problem in connecting to the server, i ran the Firewall debugs and collected the following debugs, the same source conencts to another server on the same network fine, and that pretty much rules out the issue with the Firewall Blocking the connection over all, But i want to get tehse following debug meesageges deciphered so that i can get an indication whether it is caused by the Server inside the network and not the Firewall.

Syslog ID:                                                               Message
302013       Built inbound TCP connection for Outside:10.11.5.73/2332 (10.11.5.173/2332) to inside:10.10.10.70 /1494 ( 10.10.10.70/1494)

30214        Teardown TCP connection for Outside:10.11.5.73/2332 (10.11.5.173/2332) to inside:10.10.10.70 /1494 ( 10.10.10.70/1494) 0:00:00 bytes 3058 TCP Reset-I

106015     Deny TCP (no connection) from 10.11.5.173/2332 to 10.10.10.70/1494 flags FIN ACK on interface outside

an Urgent help will be greatly appriciated

Thanks Team,    
0
Comment
Question by:tariqmansoor
2 Comments
 
LVL 8

Accepted Solution

by:
Jay_Gridley earned 500 total points
ID: 22718996
Since I was unfamiliar with this log entry I did some digging and found this link that explains the logs entries quite extensively (credit where credit is due):
http://www.firewall.cx/ftopicp-11301.html

I would say that the problem is, as you expected, not on the firewall, but on the server. It seems to not respond to or deny the request. In the logs you see the(embryonic) connection being terminated.

Hope this helps.

JG

0
 

Author Comment

by:tariqmansoor
ID: 22806961
Thanks Team,

Attached Link was quite Helpful for getting more insight to Firewall Handiling of Packtet and generating related Logs

Regards
0

Featured Post

Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ASA DHCP setup 5 38
ip igmp join-group 8 39
Cisco ASA blocks some https sites. 27 43
trouble on installing syslog-ng on CentOS 7 7 53
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question