Hi guys,
I am running multiple context mode on our ASA, now trying to setup access for one of our developers to access a server. Basically what he is doing is he is RDPing into a box in DMZ and from there http://xxxxx:1727 port. Now i have configured the access rules and everything and when i do a packet trace from firewall it is allowing the packet so doesnt seem to be a access rule issue, however when the developer is trying to access from that RDP box he is unable to connect.....
please refer to below log when he is trying to connect...teardown caused by SYN timeout .. would need your expertise on what could cause the issue
6 Feb 08 2010 10:43:25 302013 SRVDWX3550X002 50619 VSVWIN2008E033 1727 Built inbound TCP connection 41451469 for DMZ-I-SAS:SRVDWX3550X002/50619 (SRVDWX3550X002_NAT/50619) to Internal-SAS:VSVWIN2008E033/1727 (VSVWIN2008E033_NAT/1727)
6 Feb 08 2010 10:43:56 302014 SRVDWX3550X002 50619 VSVWIN2008E033 1727 Teardown TCP connection 41451469 for DMZ-I-SAS:SRVDWX3550X002/50619 to Internal-SAS:VSVWIN2008E033/1727 duration 0:00:30 bytes 0 SYN Timeout
to RDP in i have created a different context so all the management sort of traffic uses that context... he RDPs into x.x.64.101 address and the actual access rule applied for source is x.x.74.101.... would it be causing any issue i dont think so...
Below is the log when i run capture on firewall the teardown here is caused due to TCP Reset-O which is alright
6 | Feb 08 2010 | 11:18:02 | 302013 | SRVDWX3550X002_NAT | 1727 | VSVWIN2008E033 | 1727 | Built inbound TCP connection 41476146 for DMZ-I-SAS:SRVDWX3550X002_NAT/1727 (SRVDWX3550X002_NAT/1727) to Internal-SAS:VSVWIN2008E033/1727 (VSVWIN2008E033/1727) |
6 | Feb 08 2010 | 11:18:32 | 302014 | SRVDWX3550X002_NAT | 1727 | VSVWIN2008E033 | 1727 | Teardown TCP connection 41476146 for DMZ-I-SAS:SRVDWX3550X002_NAT/1727 to Internal-SAS:VSVWIN2008E033/1727 duration 0:00:30 bytes 0 TCP Reset-O |