I am looking at the logs in the ADSM and I get the following set of lines (at the bottom).
What is supposed to be happening is that software on VISTA_CCTV on the inside is to talk to an internal address at 126.96.36.199.
VISTA_CCTV -- [ASA] >>>INTERNET<<<< [188.8.131.52]-- TECH_CCTV
However we are getting the deny message as shown below. The port supposedly used by the software (according to their tech guys) on the box is port 3000. So this has been allowed through on both sites. We seem to be able to get to the site fine through our pix at the other end, but we get the deny message on this ASA 5505. Can you help?
VISTA_CCTV OUTSIDE_IF Teardown dynamic TCP translation from inside:VISTA_CCTV/2272 to outside:OUTSIDE_IF/1055 duration 0:01:00
184.108.40.206 OUTSIDE_IF Deny TCP (no connection) from 220.127.116.11/3000 to OUTSIDE_IF/1055 flags PSH ACK on interface outside
18.104.22.168 VISTA_CCTV Teardown TCP connection 99 for outside:22.214.171.124/3000 to inside:VISTA_CCTV/2272 duration 0:00:40 bytes 263 TCP Reset-I
126.96.36.199 VISTA_CCTV Built outbound TCP connection 99 for outside:188.8.131.52/3000 (184.108.40.206/3000) to inside:VISTA_CCTV/2272 (OUTSIDE_IF/1055)
VISTA_CCTV OUTSIDE_IF Built dynamic TCP translation from inside:VISTA_CCTV/2272 to outside:OUTSIDE_IF/1055
access-list inside extended permit tcp any host OUTSIDE_IF eq 3000
static (inside,outside) tcp interface 3000 VISTA_CCTV 3000 netmask 255.255.255.255