Application trouble over site-site vpn link

Unanswered Question

I have some problems with a program that won't initiate over a vpn link. Users on the 192.168.99.0 side, starts the program client. The client then contacts its database on 192.169.98.12, to load the program. The user credentials, clearly gets checked, as a wrongful password is denied. The client tries to load the program, but hangs.

Heres the log on the 192.168.98.0 side:

6|Oct 24 2008|09:14:39|106015|192.168.98.12|2812|192.168.99.102|2562|Deny TCP (no connection) from 192.168.98.12/2812 to 192.168.99.102/2562 flags ACK on interface inside

6|Oct 24 2008|09:14:39|106015|192.168.98.12|2812|192.168.99.102|2562|Deny TCP (no connection) from 192.168.98.12/2812 to 192.168.99.102/2562 flags PSH ACK on interface inside

6|Oct 24 2008|09:14:39|302014|192.168.99.102|2562|192.168.98.12|2812|Teardown TCP connection 21782 for Outside:192.168.99.102/2562 to inside:192.168.98.12/2812 duration 0:00:04 bytes 28870 Flow closed by inspection

4|Oct 24 2008|09:14:39|507001|192.168.99.102|2562|192.168.98.12|2812|Terminating TCP-Proxy connection from Outside:192.168.99.102/2562 to inside:192.168.98.12/2812 - reassembly limit of 8192 bytes exceeded

6|Oct 24 2008|09:14:35|302014|192.168.99.102|2560|192.168.98.12|1521|Teardown TCP connection 21781 for Outside:192.168.99.102/2560 to inside:192.168.98.12/1521 duration 0:00:00 bytes 296 TCP FINs

6|Oct 24 2008|09:14:35|302013|192.168.99.102|2562|192.168.98.12|2812|Built inbound TCP connection 21782 for Outside:192.168.99.102/2562 (192.168.99.102/2562) to inside:192.168.98.12/2812 (192.168.98.12/2812)

6|Oct 24 2008|09:14:35|302013|192.168.99.102|2560|192.168.98.12|1521|Built inbound TCP connection 21781 for Outside:192.168.99.102/2560 (192.168.99.102/2560) to inside:192.168.98.12/1521 (192.168.98.12/1521)

6|Oct 24 2008|09:14:16|302021|192.168.99.102|512|192.168.98.12|0|Teardown ICMP connection for faddr 192.168.99.102/512 gaddr 192.168.98.12/0 laddr 192.168.98.12/0

6|Oct 24 2008|09:14:16|302021|192.168.99.102|512|192.168.98.12|0|Teardown ICMP connection for faddr 192.168.99.102/512 gaddr 192.168.98.12/0 laddr 192.168.98.12/0

6|Oct 24 2008|09:14:14|302013|192.168.99.102|2557|192.168.98.12|139|Built inbound TCP connection 21774 for Outside:192.168.99.102/2557 (192.168.99.102/2557) to inside:192.168.98.12/139 (192.168.98.12/139)

6|Oct 24 2008|09:14:14|302015|192.168.99.102|137|192.168.98.12|137|Built inbound UDP connection 21773 for Outside:192.168.99.102/137 (192.168.99.102/137) to inside:192.168.98.12/137 (192.168.98.12/137)

6|Oct 24 2008|09:14:13|302014|192.168.99.102|2556|192.168.98.12|445|Teardown TCP connection 21772 for Outside:192.168.99.102/2556 to inside:192.168.98.12/445 duration 0:00:01 bytes 0 TCP Reset-I

6|Oct 24 2008|09:14:12|302013|192.168.99.102|2556|192.168.98.12|445|Built inbound TCP connection 21772 for Outside:192.168.99.102/2556 (192.168.99.102/2556) to inside:192.168.98.12/445 (192.168.98.12/445)

6|Oct 24 2008|09:14:12|302020|192.168.98.12|0|192.168.99.102|512|Built outbound ICMP connection for faddr 192.168.99.102/512 gaddr 192.168.98.12/0 laddr 192.168.98.12/0

6|Oct 24 2008|09:14:12|302020|192.168.99.102|512|192.168.98.12|0|Built inbound ICMP connection for faddr 192.168.99.102/512 gaddr 192.168.98.12/0 laddr 192.168.98.12/0

Everything else, communication wise works flawlessly on this link.

Any ideas ??

All help appreciated!

Regards

Ole V

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Sorry for the bump, but surely someone must have something clever to say about this log?

There are three lines here, that i think might be the source for the "Deny TCP (no connection)..." entries:

6|Oct 24 2008|09:14:13|302014|192.168.99.102|2556|192.168.98.12|445|Teardown TCP connection 21772 for Outside:192.168.99.102/2556 to inside:192.168.98.12/445 duration 0:00:01 bytes 0 TCP Reset-I

Oct 24 2008|09:14:39|507001|192.168.99.102|2562|192.168.98.12|2812|Terminating TCP-Proxy connection from Outside:192.168.99.102/2562 to inside:192.168.98.12/2812 - reassembly limit of 8192 bytes exceeded

Oct 24 2008|09:14:39|302014|192.168.99.102|2562|192.168.98.12|2812|Teardown TCP connection 21782 for Outside:192.168.99.102/2562 to inside:192.168.98.12/2812 duration 0:00:04 bytes 28870 Flow closed by inspection

Actions

This Discussion