05-16-2007 10:25 AM - edited 03-11-2019 03:15 AM
We're running 7.2(2) on a PIX 525. We can't seem to access one website. No deny messages show up in the syslog, just a TCP reset message.
2007-05-16 13:40:05 Local4.Info inet-pix May 16 2007 13:40:05: %PIX-6-302014: Teardown TCP connection 673938 for outside:207.46.248.109/80 to inside:10.x.x.x/3777 duration 0:01:01 bytes 1274 TCP Reset-I
I found one article on CISCO's website that referenced an issue with large MSS, but that doesn't seem to be the problem. Any ideas?
05-17-2007 03:57 PM
Please post your config.
Btw, You didnt have to hide "inside:10.x.x.x/3777" as it wont be reachable from the outside anyway. ;o)
05-18-2007 05:16 AM
05-22-2007 10:07 PM
hello
as what i know and seen, TCP Reset-1 message appears when the remote host rejects or send a malformed packet reply
also did you try connecting from outside to this site at the same time when you had the problem, this might give you a clue.
HTH, please rate it
05-23-2007 05:01 AM
I've tried it from outside and don't see the TCP-Reset. But the only hosts that seem to be able to access the site are the ones I've got setup with a static translation. Can a single IP address be used as a static translation for multiple IPs?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: