PIX TCP/2000 Traffic - Remotely Anywhere

Answered Question
Mar 20th, 2007

I've been passed a problem from a client trying to connect to a Remotely Anywhere server through a PIX/525.


Remotely Anywhere is a remote control application that uses HTTP over TCP/2000. This port is open and there's no inspect enabled.


From the connecting client I can port query 2000 which replies and netstat on the server shows 2000 as listening. When I put the w/s and server on the same subnet the application behaves as expected.


When I move the server to the outside of the PIX the connection fails. I have ethereal running on both ends and debug on the f/w. The PIX shows the connection built and ethereal shows the initial TCP h/shake but the server sends no data after the ACK from the client.


This looks like the f/w's causing a problem with the app but I have no idea what to do next. The f/w seems to be configured ok.


Any divine intervention out there?

Correct Answer
abinjola Tue, 03/20/2007 - 10:40
User Badges: Cisco Employee

disable inspect skinny....

pregan Tue, 03/20/2007 - 11:41

You, my friend, are a star.

I'd even looked at the match this pm when checking http inspect and I missed that skinny/2000.

Thanks for your help.
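
An added example, not part of the original thread: a small Python check that generalizes the fix above by listing ACL permits on TCP ports claimed by an enabled inspection engine (such as skinny on 2000), so a non-matching application on one of those ports can be spotted. The sample config is constructed and assumes PIX/ASA 7.x-style syntax; the function names are hypothetical.

```python
import re

# Default TCP ports of inspection engines covered by "match default-inspection-traffic".
# UDP-only engines are left out; extend the table as needed.
DEFAULT_INSPECT_TCP_PORTS = {
    "ftp": 21, "esmtp": 25, "sunrpc": 111, "rsh": 514, "rtsp": 554,
    "sqlnet": 1521, "h323 h225": 1720, "skinny": 2000, "sip": 5060,
}

# Constructed sample (assumption: 7.x-style syntax, documentation addresses).
SAMPLE_CONFIG = """\
access-list outside_in extended permit tcp any host 192.0.2.10 eq 2000
access-list outside_in extended permit tcp any host 192.0.2.20 eq 443
class-map inspection_default
 match default-inspection-traffic
policy-map global_policy
 class inspection_default
  inspect ftp
  inspect skinny
service-policy global_policy global
"""

# Only numeric "eq <port>" permits are matched; named ports are not resolved.
ACL_RE = re.compile(r"^access-list (\S+) extended permit tcp (.+) eq (\d+)\s*$")

def active_inspections(config):
    """Engines enabled by 'inspect <engine>' lines; 'no inspect ...' is ignored."""
    found = set()
    for line in config.splitlines():
        words = line.strip()
        if words.startswith("inspect "):
            rest = words[len("inspect "):]
            for engine in DEFAULT_INSPECT_TCP_PORTS:
                if rest == engine or rest.startswith(engine + " "):
                    found.add(engine)
    return found

def inspected_permits(config):
    """Return (acl, port, engine) for permits on a port an active engine will parse."""
    by_port = {DEFAULT_INSPECT_TCP_PORTS[e]: e for e in active_inspections(config)}
    hits = []
    for line in config.splitlines():
        m = ACL_RE.match(line.strip())
        if m and int(m.group(3)) in by_port:
            hits.append((m.group(1), int(m.group(3)), by_port[int(m.group(3))]))
    return hits

if __name__ == "__main__":
    for acl, port, engine in inspected_permits(SAMPLE_CONFIG):
        print(f"{acl}: tcp/{port} is handled by 'inspect {engine}'; confirm the service speaks it")
```

Each hit is a flow to confirm by hand: if the service on that port does not speak the engine's protocol, the inspection can interfere with it as described in this thread.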
