Solved

Server 2008 R2 Wab Traffic on port 8085

Posted on 2010-08-21
3
852 Views
Last Modified: 2012-06-27
Wa have a Server 2008 R 2 64 server that is supposed to be communicating with a server in our DMZ over port 8085. The application vendor says the traffic is not getting there but I opened a TAC case and and they have verified that the traffic is getting there..The Domain,   The windows firewall is off for the domain, public and private profiles

Below is what the traffic looks like on the ASA firewall

==========================================================================: 00:09:42.981379 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: S 539555527:539555527(0) win 64240 <mss 1460,nop,nop,sackOK>
   2: 00:09:42.982126 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: S 1277964029:1277964029(0) ack 539555528 win 8192 <mss 1380,nop,nop,sackOK>
   3: 00:09:42.982310 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: . ack 1277964030 win 64240
   4: 00:09:54.951733 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: P 539555528:539555529(1) ack 1277964030 win 64240
   5: 00:09:55.151954 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555529 win 64860
   6: 00:09:57.671397 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: P 539555529:539555530(1) ack 1277964030 win 64240
   7: 00:09:57.871262 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555530 win 64859
   8: 00:09:59.761038 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: P 539555530:539555531(1) ack 1277964030 win 64240
   9: 00:09:59.964275 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555531 win 64858
  10: 00:10:01.305938 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: P 539555531:539555532(1) ack 1277964030 win 64240
  11: 00:10:01.495442 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555532 win 64857
  12: 00:10:02.076640 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: P 539555532:539555533(1) ack 1277964030 win 64240
  13: 00:10:02.283127 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555533 win 64856
  14: 00:10:03.302032 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: P 539555533:539555535(2) ack 1277964030 win 64240
  15: 00:10:03.495625 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555535 win 64854
  16: 00:14:36.419152 xxx.xxx.xxx.xxx.137 > yyy.yyy.yyy.yyy137:  udp 50
  17: 00:14:36.420067 yyy.yyy.yyy.yyy137 > xxx.xxx.xxx.xxx.137:  udp 157
  18: 00:16:04.165045 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: P 539555535:539555536(1) ack 1277964030 win 64240
  19: 00:16:04.353894 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555536 win 64853
  20: 00:16:04.354382 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: P 539555536:539555537(1) ack 1277964030 win 64240
  21: 00:16:04.557878 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555537 win 64852
  22: 00:16:04.558183 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: P 539555537:539555538(1) ack 1277964030 win 64240
  23: 00:16:04.760580 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555538 win 64851
  24: 00:16:46.580765 xxx.xxx.xxx.xxx.3801 > yyy.yyy.yyy.yyy8085: F 539555538:539555538(0) ack 1277964030 win 64240
  25: 00:16:46.581436 yyy.yyy.yyy.yyy8085 > xxx.xxx.xxx.xxx.3801: . ack 539555539 win 64851
25 packets shown
============================================================================
0
Comment
Question by:japplewhaite
3 Comments
 
LVL 6

Accepted Solution

by:
craig_j_Lawrence earned 500 total points
ID: 33491403
sorry can you please explain your problem in a little more detail?? at first glance, if the traffic is travesing your ASA, the issue may be with the server in the DMZ
0
 

Author Comment

by:japplewhaite
ID: 33491486
When we attempt to telnet and web into the target server from a server that is in the same subnet we don't get a response as well.
0
 
LVL 2

Expert Comment

by:jamielfurr
ID: 33491691
If you set up a network monitor, you can be certain that the traffic is being received by the server in the DMZ.  Then the application vendor cannot tell you that the traffic is being received.  Other than that I'm not sure how you would be certain that the traffic is being received.    I use Wireshark, but any network monitor should work...  If you can't do this then a simple telnet connect to the server should be proof that the port is open.  A netstat -b can help you if you suspect that another program is using the port.  

0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now