Link to home
Start Free TrialLog in
Avatar of jlingg
jlinggFlag for United States of America

asked on

Juniper Close - TCP RST http traffic

Hi All,

I am trying to pass http traffic through a ssg320 using a mapped IP and a policy that allows http traffic.  Unfortunately the web site is not working and the error is connection is reset.  In my logs I get the following.  There are a couple of other web sites that work using this policy.  Any idea why i am getting these errors?

 

thanks

Jason

 

============================================================================================================
Date       Time       Duration Source IP        Port Destination IP   Port Service  SessionID In Interface
Reason                Protocol Xlated Src IP    Port Xlated Dst IP    Port ID       PID       Out Interface
==========================================================+==================================================
2011-12-12 07:51:48    0:00:41 95.108.150.235  50067 xxx.xxx.xxx.69     80 HTTP        63720    ethernet0/2
Close - TCP RST               6 95.108.150.235  50067 192.168.1.100      80                58    ethernet0/0


2011-12-12 07:51:46    0:00:39 95.108.150.235  49941 xxx.xxxx.xxx.69     80 HTTP        63342    ethernet0/2
Close - TCP RST               6 95.108.150.235  49941 192.168.1.100      80                58    ethernet0/0
Avatar of guarana
guarana
Flag of Mexico image
its a MIP or a VIP, for the VIP theirs an option called "server check" that sometimes cause this caind of errors, can you post a SS of how its the NAT done and how the FW policy its created (obviously covering IP´s)

Regards nef
ASKER CERTIFIED SOLUTION
Avatar of mindwise
mindwise
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of V K
V K
Flag of United States of America image
a snoop or a flow-filter will explain whats happening with the traffic and why the web server connection is not working