We have replaced a firewall with a Cisco ASA and we are experiencing odd errors in the network. Cisco don't believe it is the firewall itself (everything works fine with the old firewall though) and I have odd network trace logs that I can't resolve.
The attached screenshot is from an FTP connection which fails.
The first packet is sending a SYN packet to the FTP server; this is acknowledged, then the Dell 6248 switch, which is doing routing for the VLANs, chips in with a redirect, etc.
However the second SYN ACK packet from the FTP server is replying on a totally different port. Why? I believe this is the problem but I cannot fathom where the problem lies.
This FTP server worked fine with the previous firewall and no other changes have been made to the network. However, is it possible that something was not configured correctly previously and is only now showing up?