Solved

ASA 5505 with ASDM

Posted on 2012-03-26
4
1,006 Views
Last Modified: 2012-06-27
Hi Experts,

I have a computer in DMZ interface that needs to join domain where is in inside.
All necessary ports are open.
When I try, I got the following error

"Deny TCP(no connection) from x.x.x.x /58923 to y.y.y.y/139  flags RST on interface DMZ"

I googled it and found below solution

"check your config for 'sysopt connection timewait'. If not, try adding it. Some software wants to do a two-way hangup at the end of a connection, and this option keeps connections open until both sides ack the closing."

Is this right one? If so, i just type 'sysopt connection timewait' in command line interface, right? or something else needs to be done.

This issue need to be resolved pretty sooon. Please help!!!!

Thanks in advance..
0
Comment
Question by:Ksean
  • 2
  • 2
4 Comments
 
LVL 10

Expert Comment

by:pclinuxguru
ID: 37766530
can you ping your domain controller from the computer in the DMZ and can you ping the computer from the domain controller?

Reason I ask is generally stuff in the DMZ can't talk to stuff on the inside. That is what makes it a dmz. You can make it do it if you really want to... requires some configuration though and then it is pointless having the dmz.
0
 

Author Comment

by:Ksean
ID: 37766645
I don't want any ping either direction because I didn't open ports for ICMP. All I need is to join domain. Any idea?
0
 
LVL 10

Accepted Solution

by:
pclinuxguru earned 500 total points
ID: 37766819
Well you need to test traffic from the dmz to the inside. Without ping I am not sure how you would do that.

DMZ traffic is blocked from inside traffic and vice vera.

If you want to simply join it to the domain then plug your cable to a switch on the inside interface and join it. Then move it back.
0
 

Author Closing Comment

by:Ksean
ID: 37835103
good job
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
Setting up Secure Ubuntu server on VMware 1.      Insert the Ubuntu Server distribution CD or attach the ISO of the CD which is in the “Datastore”. Note that it is important to install the x64 edition on servers, not the X86 editions. 2.      Power on th…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now