Solved

ASA 5505 with ASDM

Posted on 2012-03-26
4
1,083 Views
Last Modified: 2012-06-27
Hi Experts,

I have a computer in DMZ interface that needs to join domain where is in inside.
All necessary ports are open.
When I try, I got the following error

"Deny TCP(no connection) from x.x.x.x /58923 to y.y.y.y/139  flags RST on interface DMZ"

I googled it and found below solution

"check your config for 'sysopt connection timewait'. If not, try adding it. Some software wants to do a two-way hangup at the end of a connection, and this option keeps connections open until both sides ack the closing."

Is this right one? If so, i just type 'sysopt connection timewait' in command line interface, right? or something else needs to be done.

This issue need to be resolved pretty sooon. Please help!!!!

Thanks in advance..
0
Comment
Question by:Ksean
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 10

Expert Comment

by:pclinuxguru
ID: 37766530
can you ping your domain controller from the computer in the DMZ and can you ping the computer from the domain controller?

Reason I ask is generally stuff in the DMZ can't talk to stuff on the inside. That is what makes it a dmz. You can make it do it if you really want to... requires some configuration though and then it is pointless having the dmz.
0
 

Author Comment

by:Ksean
ID: 37766645
I don't want any ping either direction because I didn't open ports for ICMP. All I need is to join domain. Any idea?
0
 
LVL 10

Accepted Solution

by:
pclinuxguru earned 500 total points
ID: 37766819
Well you need to test traffic from the dmz to the inside. Without ping I am not sure how you would do that.

DMZ traffic is blocked from inside traffic and vice vera.

If you want to simply join it to the domain then plug your cable to a switch on the inside interface and join it. Then move it back.
0
 

Author Closing Comment

by:Ksean
ID: 37835103
good job
0

Featured Post

Retailers - Is your network secure?

With the prevalence of social media & networking tools, for retailers, reputation is critical. Have you considered the impact your network security could have in your customer's experience? Learn more in our Retail Security Resource Kit Today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Concerto Cloud Services, a provider of fully managed private, public and hybrid cloud solutions, announced today it was named to the 20 Coolest Cloud Infrastructure Vendors Of The 2017 Cloud  (http://www.concertocloud.com/about/in-the-news/2017/02/0…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

729 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question