ASA not allowing connection from Mobile device to CUMA Server

Unanswered Question
Dec 16th, 2009

Afternoon security massive,

     Im a voice guy trying( and failing) to get my mobile devices connected to my CUMA server that sits behind my ASA. I can see the Inbound TCP connection attempt here:

6Dec 16 200913:53:0830201389.193.21.11648847192.168.100.1319080Built inbound TCP connection 486 for outside:89.193.21.116/48847 (89.193.21.116/48847) to inside:192.168.100.131/9080 (195.157.156.94/9080)

But then shortly after I recieve the following:

6Dec 16 200913:53:1830201489.193.21.11648847192.168.100.1319080Teardown TCP connection 486 for outside:89.193.21.116/48847 to inside:192.168.100.131/9080 duration 0:00:10 bytes 0 TCP Reset-O

Ive attached a copy of the config on the ASA for your perusal, any comments would be massively appreciated.

C.

Attachment: 
I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Diego Armando C... Thu, 01/14/2010 - 11:54

Lets try this.

access-list CAPTUREOUT extended permit tcp any host 195.157.156.94 eq 5443

access-list CAPTUREOUT extended permit tcp any host 195.157.156.94 eq 6532

access-list CAPTUREOUT extended permit tcp any host 195.157.156.94 eq 9080

access-list CAPTUREOUT extended permit tcp host 195.157.156.94 eq 5443 any

access-list CAPTUREOUT extended permit tcp host 195.157.156.94 eq 6532 any

access-list CAPTUREOUT extended permit tcp host 195.157.156.94 eq 9080 any

access-list CAPTUREIN extended permit tcp any host 192.168.100.131 eq 5443

access-list CAPTUREIN extended permit tcp any host 192.168.100.131 eq 6532

access-list CAPTUREIN extended permit tcp any host 192.168.100.131 eq 9080

access-list CAPTUREIN extended permit tcp host 192.168.100.131 eq 5443 any

access-list CAPTUREIN extended permit tcp host 192.168.100.131 eq 6532 any

access-list CAPTUREIN extended permit tcp host 192.168.100.131 eq 9080 any

Capture CAPOUT access-list CAPTUREOUT interface outside

Capture CAPIN access-list CAPTUREIN interface inside

Clear asp drop

Try a couple of times to get the packets from the CUMA and then send us the show asp drop and the show cap CAPOUT and CAPIN.

Actions

This Discussion