• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 917
  • Last Modified:

Server 2008 R2 Wab Traffic on port 8085

Wa have a Server 2008 R 2 64 server that is supposed to be communicating with a server in our DMZ over port 8085. The application vendor says the traffic is not getting there but I opened a TAC case and and they have verified that the traffic is getting there..The Domain,   The windows firewall is off for the domain, public and private profiles

Below is what the traffic looks like on the ASA firewall

==========================================================================: 00:09:42.981379 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: S 539555527:539555527(0) win 64240 <mss 1460,nop,nop,sackOK>
   2: 00:09:42.982126 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: S 1277964029:1277964029(0) ack 539555528 win 8192 <mss 1380,nop,nop,sackOK>
   3: 00:09:42.982310 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: . ack 1277964030 win 64240
   4: 00:09:54.951733 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: P 539555528:539555529(1) ack 1277964030 win 64240
   5: 00:09:55.151954 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555529 win 64860
   6: 00:09:57.671397 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: P 539555529:539555530(1) ack 1277964030 win 64240
   7: 00:09:57.871262 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555530 win 64859
   8: 00:09:59.761038 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: P 539555530:539555531(1) ack 1277964030 win 64240
   9: 00:09:59.964275 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555531 win 64858
  10: 00:10:01.305938 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: P 539555531:539555532(1) ack 1277964030 win 64240
  11: 00:10:01.495442 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555532 win 64857
  12: 00:10:02.076640 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: P 539555532:539555533(1) ack 1277964030 win 64240
  13: 00:10:02.283127 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555533 win 64856
  14: 00:10:03.302032 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: P 539555533:539555535(2) ack 1277964030 win 64240
  15: 00:10:03.495625 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555535 win 64854
  16: 00:14:36.419152 xxx.xxx.xxx.xxx.137 > yyy.yyy.yyy.yyy137:  udp 50
  17: 00:14:36.420067 yyy.yyy.yyy.yyy137 > xxx.xxx.xxx.xxx.137:  udp 157
  18: 00:16:04.165045 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: P 539555535:539555536(1) ack 1277964030 win 64240
  19: 00:16:04.353894 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555536 win 64853
  20: 00:16:04.354382 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: P 539555536:539555537(1) ack 1277964030 win 64240
  21: 00:16:04.557878 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555537 win 64852
  22: 00:16:04.558183 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: P 539555537:539555538(1) ack 1277964030 win 64240
  23: 00:16:04.760580 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555538 win 64851
  24: 00:16:46.580765 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: F 539555538:539555538(0) ack 1277964030 win 64240
  25: 00:16:46.581436 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555539 win 64851
25 packets shown
============================================================================
0
japplewhaite
Asked:
japplewhaite
1 Solution
 
craig_j_LawrenceCommented:
sorry can you please explain your problem in a little more detail?? at first glance, if the traffic is travesing your ASA, the issue may be with the server in the DMZ
0
 
japplewhaiteAuthor Commented:
When we attempt to telnet and web into the target server from a server that is in the same subnet we don't get a response as well.
0
 
jamielfurrCommented:
If you set up a network monitor, you can be certain that the traffic is being received by the server in the DMZ.  Then the application vendor cannot tell you that the traffic is being received.  Other than that I'm not sure how you would be certain that the traffic is being received.    I use Wireshark, but any network monitor should work...  If you can't do this then a simple telnet connect to the server should be proof that the port is open.  A netstat -b can help you if you suspect that another program is using the port.  

0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now