Hi,
Topology:
Host -> FWSM -> Cat65K (Host Source IP PAT'ed on SVI) -> ASA 2 -> ASA 1 (Source IP again PAT'ed on outside interface -> Internet
I am not able to access the internet with the above. Only built connection logs can be seen on all the firewalls and after some wait a TCP Reset-O is seen on them. I ran a sniffer on the host and noticed that the initial SYN, SYN/ACK, ACK goes thru but then the host goes into a loop of TCP Retransmission/Dup ACK and the destination never responds.
Can dual PAT'ing on the way out to the internet can cause such problems. For some reason, the destination does not recognize any exchange after the initial TCP handshake.
Please assist.
Thanks.