Problem with SQL Connection through an ASA

Unanswered Question
Dec 21st, 2007

Hi,

I have a problem with a SQL Connection which is going out of the network to a server hosting the service on the internet.

I have a setup an incoming rule on the inside interface. Details below:

Client Private IP > Public IP SQL Server port 1433.

The connection though is not sucessful.

Anyone come across this on an ASA.

Thanks

Kev

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
davemit Fri, 12/21/2007 - 12:49

I would try doing some basic troubleshooting like pinging the server, and trying to establish a manual connectino on that port (telnet x.x.x.x 1433).

Also enable debug level logging on your ASA and look for the syslogs. Make note of the connection being created and torn down, and make sure there are no XLate or ACL errors.

Lastly, you can set up a capture on the outside interface to verify that your packets are being sent out that interface and you can see what, if any packets are being returned from the end host.

Good luck!

kevinhobson2000 Fri, 12/28/2007 - 01:08

Hi,

I did a packet trace from the GUI and it said it was allowed through can it be relied on?

Cbeers

Kev

cisco24x7 Fri, 12/28/2007 - 06:48

do you have this in your config:

nat (inside) 1 0 0

global (outside) 1 interface

access-list test permit ip any any log

access-group test in interface inside

As a test, try the following:

nat (inside) 1 0 0

global (outside) 1 interface

access-list test permit ip any any log

access-group test in interface inside

access-group test in interface outside

CCIE Security

Actions

This Discussion