Unanswered Question
Aug 19th, 2009

Dear Sir,

The following ACL is applied to the ASA inside interface.

access-list 100 permit tcp host any eq 5017

access-list 100 deny ip any any

access-group 100 in interface inside.

Netstat in the Windows command prompt shows that the connection on that port is initiated through the firewall, but the return traffic is being blocked.

I learnt that TCP traffic obeys stateful inspection, which means that return traffic is always allowed for TCP.

Why is the return traffic being blocked? What can I do?


Jon Marshall Wed, 08/19/2009 - 11:01
So you are trying to connect from to any address on port 5017?

What is port 5017, i.e. what application?

Could you post the ASA config?


kolawole1 Thu, 08/20/2009 - 00:34

The application is netstream; it connects to some satellites and collects information.

Thank you.

