PIX TCP/2000 Traffic - Remotely Anywhere

Answered Question
Mar 20th, 2007

I've been passed a problem from a client trying to connect to a Remotely Anywhere server through a PIX/525.

Remotely Anywhere is a remote control application that uses HTTP over TCP/2000. This port is open and theres no inspect enabled.

From the connecting client I can port query 2000 which replies and netstat on the server shows 2000 as listening. When I put the w/s and server on the same subnet the application behaves as expected.

When I move the server to the outside of the PIX the connection fails. I have ethereal running on both ends and debug on the f/w. The pix shows the connection built and ethereal shows the initial TCP h/shake but the server sends no data after the ACK from the client.

This looks like the f/w's causing a problem with the app but I have no idea what to do next. The f/w seems to be configured ok.

any divine intervention out there ?

I have this problem too.
0 votes
Correct Answer by abinjola about 9 years 10 months ago

disable inspect skinny....

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
pregan Tue, 03/20/2007 - 11:41

you my friend are a star ..

i'd even looked at the match this pm when checking http inspect and i missed that skinny /2000 ..

thanks for your help.

Actions

This Discussion