ftp & rdp connection issues

Jan 15th, 2009

Hi,


I currently have an issue with FTP and RDP connections from 2 specific hosts. I have set up ACLs to allow for FTP and RDP connections from our internal network to these two specific hosts in the DMZ. We have 2 ASA 5520s set up in an Active/Standby configuration. The ACLs in question have been set up with logging enabled, and when I go to attempt to connect via FTP or RDP to the specific hosts, the connections time out.


As you can see from the logs below, the access-list is permitted, but then it tries to build the connection and then automatically tears it down. Could someone please explain why my internal host is not connecting successfully on RDP to this host in our DMZ? If you need additional configs from the ASA or other equipment, please let me know.


6|Jan 16 2009|09:59:59|302014|fsqftp|3389|172.16.28.104|2392|Teardown TCP connection 11122215 for dmz1:fsqftp/3389 to inside:172.16.28.104/2392 duration 0:00:00 bytes 0 TCP Reset-I

6|Jan 16 2009|09:59:59|302013|fsqftp|3389|172.16.28.104|2392|Built outbound TCP connection 11122215 for dmz1:fsqftp/3389 (fsqftp/3389) to inside:172.16.28.104/2392 (172.16.28.104/2392)

6|Jan 16 2009|09:59:53|302014|fsqftp|3389|172.16.28.104|2392|Teardown TCP connection 11122181 for dmz1:fsqftp/3389 to inside:172.16.28.104/2392 duration 0:00:00 bytes 0 TCP Reset-I

6|Jan 16 2009|09:59:52|302013|fsqftp|3389|172.16.28.104|2392|Built outbound TCP connection 11122181 for dmz1:fsqftp/3389 (fsqftp/3389) to inside:172.16.28.104/2392 (172.16.28.104/2392)

6|Jan 16 2009|09:59:50|302014|fsqftp|3389|172.16.28.104|2392|Teardown TCP connection 11122158 for dmz1:fsqftp/3389 to inside:172.16.28.104/2392 duration 0:00:00 bytes 0 TCP Reset-I

6|Jan 16 2009|09:59:50|302013|fsqftp|3389|172.16.28.104|2392|Built outbound TCP connection 11122158 for dmz1:fsqftp/3389 (fsqftp/3389) to inside:172.16.28.104/2392 (172.16.28.104/2392)

7|Jan 16 2009|09:59:50|106100|172.16.28.104|2392|fsqftp|3389|access-list inbound_inside permitted tcp inside/172.16.28.104(2392) -> dmz1/fsqftp(3389) hit-cnt 1 first hit [0x72ce6f24, 0x0]
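
Added example, not part of the original post: a Python script that pairs the 302013 (Built) and 302014 (Teardown) messages above by connection ID and reports sessions torn down with zero duration and zero bytes, together with the teardown reason the ASA logged. The pipe-delimited field layout is assumed from the lines quoted in the post, the function names are hypothetical, and the first two sample lines are constructed for contrast.

```python
import re
from collections import Counter

# First two lines are constructed (a healthy session for contrast); the other
# five are copied from the post above, newest first, as they were pasted there.
SAMPLE = """\
6|Jan 16 2009|10:05:12|302014|fsqftp|3389|172.16.28.105|2410|Teardown TCP connection 11122300 for dmz1:fsqftp/3389 to inside:172.16.28.105/2410 duration 0:01:12 bytes 48213 TCP FINs
6|Jan 16 2009|10:04:00|302013|fsqftp|3389|172.16.28.105|2410|Built outbound TCP connection 11122300 for dmz1:fsqftp/3389 (fsqftp/3389) to inside:172.16.28.105/2410 (172.16.28.105/2410)
6|Jan 16 2009|09:59:53|302014|fsqftp|3389|172.16.28.104|2392|Teardown TCP connection 11122181 for dmz1:fsqftp/3389 to inside:172.16.28.104/2392 duration 0:00:00 bytes 0 TCP Reset-I
6|Jan 16 2009|09:59:52|302013|fsqftp|3389|172.16.28.104|2392|Built outbound TCP connection 11122181 for dmz1:fsqftp/3389 (fsqftp/3389) to inside:172.16.28.104/2392 (172.16.28.104/2392)
6|Jan 16 2009|09:59:50|302014|fsqftp|3389|172.16.28.104|2392|Teardown TCP connection 11122158 for dmz1:fsqftp/3389 to inside:172.16.28.104/2392 duration 0:00:00 bytes 0 TCP Reset-I
6|Jan 16 2009|09:59:50|302013|fsqftp|3389|172.16.28.104|2392|Built outbound TCP connection 11122158 for dmz1:fsqftp/3389 (fsqftp/3389) to inside:172.16.28.104/2392 (172.16.28.104/2392)
7|Jan 16 2009|09:59:50|106100|172.16.28.104|2392|fsqftp|3389|access-list inbound_inside permitted tcp inside/172.16.28.104(2392) -> dmz1/fsqftp(3389) hit-cnt 1 first hit [0x72ce6f24, 0x0]
"""

BUILT = re.compile(r"Built \w+ TCP connection (\d+) for (\S+) \S+ to (\S+)")
TEARDOWN = re.compile(r"Teardown TCP connection (\d+) for \S+ to \S+ "
                      r"duration (\d+):(\d+):(\d+) bytes (\d+) ?(.*)")

def parse(text):
    """Pair Built and Teardown records by connection ID, in either log order."""
    conns = {}
    for line in text.splitlines():
        fields = line.split("|", 8)  # severity|date|time|msg-id|4 address fields|text
        if len(fields) < 9:
            continue
        msg_id, msg = fields[3], fields[8]
        if msg_id == "302013" and (m := BUILT.search(msg)):
            conns.setdefault(m[1], {})["endpoints"] = (m[2], m[3])
        elif msg_id == "302014" and (m := TEARDOWN.search(msg)):
            secs = int(m[2]) * 3600 + int(m[3]) * 60 + int(m[4])
            conns.setdefault(m[1], {}).update(
                seconds=secs, bytes=int(m[5]), reason=m[6].strip())
    return conns

def empty_sessions(conns):
    """Connections that were built, then torn down at once with no payload."""
    return {cid: c for cid, c in conns.items()
            if "endpoints" in c and c.get("bytes") == 0 and c.get("seconds") == 0}

def summarize(conns):
    """Count empty sessions per (endpoint pair, teardown reason)."""
    return Counter((c["endpoints"], c["reason"])
                   for c in empty_sessions(conns).values())

if __name__ == "__main__":
    for (ends, reason), n in summarize(parse(SAMPLE)).items():
        print(f"{n} empty session(s) {ends[0]} <-> {ends[1]}: {reason}")
```
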


Tshi M Tue, 01/20/2009 - 13:10

Hi Simon


Do you have a static (inside,dmz) configured?

sdoremus33 Tue, 01/20/2009 - 13:39

If it's no trouble, could you please provide the config for these translations from the inside hosts to the DMZ devices, and also the standby config? Thanks
