Having trouble matching Old PIX and new ASA configs

Answered Question
Jul 15th, 2011

Hi, I've recently upgraded my old firewall from a PIX to an ASA5505 and have been trying to match up the configuration settings to no avail.

First problem I have is that I can't ping the new firewall on it's inside interface, despite having "icmp permit any inside" in the running config.

Secondly, the server I have on there ("Sar") can't connect out to the internet.

I've included the ASA's running config incase anybody can see if something stands out. I have a feeling it's either not letting anything onto the inside interface, or there is no nat going on.

Lastly (and possibly relevant), the firewall is actually going at the end of a vlan, which is different to the firewall's inside vlan number. I don't know if this is actually the problem because the server can't connect out even if connected directly into the firewall.

Cheers,

I have this problem too.
0 votes
Correct Answer by varrao about 2 years 9 months ago

Great!!!! , yes it is an access-list issue.

we need to have  the following access-list:

access-list outside_access_in extended permit tcp any object Sar eq 3389

we would need to use the real ip of the server and not public ip, in version 8.3 or above.

This shoudl definitely resolve the issue for you.

Hope this helps,

Thanks,

Varun

  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 4.5 (13 ratings)
varrao Fri, 07/15/2011 - 05:06

Hi Wez,

Just reload the upstream and downstream devices, connected to the ASA, to clear out their arp cache tables. That should help, if still issue persists, kindly post

Thanks,

Varun

amakovec Fri, 07/15/2011 - 05:06

hi,

if you replaced the firewall, the MAC address has been change. You need to clear the arp entries for the other devices to learn the new MAC address.

Also you can confirm by the packet capture that the packet reaches the ASA or not.

Packet capturing an firewalls: https://supportforums.cisco.com/docs/DOC-17345

kind regards

Adam

KingPrawns Fri, 07/15/2011 - 05:55

What do you mean by reload the devices? Would power cycling them work? The firewall connects to a managed modem provided by my ISP, I don't have access to it's configuration directly.

I've managed to get the server to ping the firewall now (wrong subnet) but still can't connect out to the internet.

varrao Fri, 07/15/2011 - 05:57

Yes, a power cycle would work fine.

Thanks,

Varun

KingPrawns Fri, 07/15/2011 - 06:38

Power cycled the router that the ASA connects into with no luck. Haven't restarted my server though, but I don't think that'd be the problem.

Out of interest, If I wanted to check that the firewall has connectivity, could I ping a server outside my network like google.com?

KingPrawns Fri, 07/15/2011 - 07:02

Following the capture instructions now, got a question about it though.

It says to set up access list for 10.10.10.1 as the client IP. Is that an external server like 4.2.2.2 or the ip of the router/firewall?

KingPrawns Fri, 07/15/2011 - 06:45

bt# sho run

: Saved

:

ASA Version 8.4(1)

!

hostname bt

domain-name mcserv.co.uk

enable password 8Ry2YjIyt7RRXU24 encrypted

passwd 2KFQnbNIdI.2KYOU encrypted

names

!

interface Vlan1

nameif inside

security-level 100

ip address 10.20.3.1 255.255.255.0

!

interface Vlan2

nameif outside

security-level 0

ip address xxx.xxx.9.130 255.255.255.192

!

interface Ethernet0/0

switchport access vlan 2

!

interface Ethernet0/1

!

interface Ethernet0/2

!

interface Ethernet0/3

!

interface Ethernet0/4

!

interface Ethernet0/5

!

interface Ethernet0/6

!

interface Ethernet0/7

!

ftp mode passive

dns server-group DefaultDNS

domain-name mcserv.co.uk

object network obj_any

subnet 0.0.0.0 0.0.0.0

object network Sar

host 10.20.3.151

object network Sar_Outside

host xxx.xxx.9.151

object-group network WebServers

network-object object Sar_Outside

object-group service WebsiteTraffic

description Website required services

service-object tcp destination eq www

service-object tcp destination eq https

service-object tcp destination eq smtp

access-list outside_access_in extended permit tcp any object Sar_Outside eq 3389

access-list outside_access_in extended permit object-group WebsiteTraffic any object-group WebServers

pager lines 24

logging asdm informational

mtu inside 1500

mtu outside 1500

icmp unreachable rate-limit 1 burst-size 1

icmp permit any inside

no asdm history enable

arp timeout 14400

!

object network obj_any

nat (inside,outside) dynamic interface

object network Sar

nat (inside,outside) static Sar_Outside

access-group outside_access_in in interface outside

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

timeout tcp-proxy-reassembly 0:01:00

dynamic-access-policy-record DfltAccessPolicy

http server enable

http 192.168.1.0 255.255.255.0 inside

http 10.20.3.0 255.255.255.0 inside

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart

telnet timeout 5

ssh timeout 5

console timeout 0

dhcpd auto_config outside

!

threat-detection basic-threat

threat-detection statistics access-list

no threat-detection statistics tcp-intercept

webvpn

!

class-map global-class

match default-inspection-traffic

!

!

policy-map type inspect dns dns-map

parameters

  message-length maximum client 512

  message-length maximum 512

policy-map global-policy

class global-class

  inspect dns dns-map

  inspect ftp

  inspect icmp

  inspect icmp error

  inspect http

  inspect rtsp

  inspect rsh

  inspect sip

  inspect skinny

  inspect sqlnet

  inspect tftp

!

service-policy global-policy global

prompt hostname context

call-home

profile CiscoTAC-1

  no active

  destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService

  destination address email callhome@cisco.com

  destination transport-method http

  subscribe-to-alert-group diagnostic

  subscribe-to-alert-group environment

  subscribe-to-alert-group inventory periodic monthly

  subscribe-to-alert-group configuration periodic monthly

  subscribe-to-alert-group telemetry periodic daily

Cryptochecksum:2b24cf92dd709b0721cd29819d300c39

: end


Here is the current running config for those who don't want to have to dl the attachment

amakovec Fri, 07/15/2011 - 06:47

yes, but you have to allow the icmp  on the outside interface's ACL

varrao Fri, 07/15/2011 - 06:48

Please take captures on the firewall as suggested by Adam, try pinging 4.2.2.2, from the server machine, check in the captures whether the packets are reaching the firewall and being forwarded to the router.

Varun

varrao Fri, 07/15/2011 - 07:29

Hi Wez,

access-list cap permit ip host 10.20.3.151 host 4.2.2.2

access-list cap permit ip host 4.2.2.2 host 10.20.3.151

access-list cap permit ip host  host 4.2.2.2 host xxx.xxx.9.151

access-list cap permit ip host host xxx.xxx.9.151 host 4.2.2.2

capture capin access-list cap interface inside

capture capo access-list cap interface outside

Try pinging from the servers to 4.2.2.2, and then do show cap capin and show cap capo.

Make sure you permit the ping return traffic by adding an acl on the outside interafce as mentioned by Adam.

Varun

KingPrawns Fri, 07/15/2011 - 07:52

bt# show cap capin

2 packets captured

   1: 07:41:13.446510 802.1Q vlan#1 P0 10.20.3.151 > 4.2.2.2: icmp: echo request

   2: 07:41:16.518772 802.1Q vlan#1 P0 10.20.3.151 > 4.2.2.2: icmp: echo request

2 packets shown

bt# show cap capo

0 packet captured

0 packet shown

So the packets aren't getting through the outside interface? I've added "icmp permit any outside" so I don't think I'm rejecting anything.

varrao Fri, 07/15/2011 - 10:21

Hi Wez,

You are missing a route in here:

the route should be added like this:

route outside 0.0.0.0 0.0.0.0 1

Hope this helps,

Thanks,

Varun

KingPrawns Sat, 07/16/2011 - 02:19

route outside 0.0.0.0 0.0.0.0 1

That would make sense, but how do I work out the next hop? All the firewall is doing is swapping inside traffic for outside.

Unless you mean the router connected to the outside interface (xxx.xxx.9.129), in which case is it something like:

route outside 0.0.0.0 0.0.0.0 xxx.xxx.9.129 1

varrao Sat, 07/16/2011 - 02:25

Hi Wez,

Absolutely, thats wat I meant,:

route outside 0.0.0.0 0.0.0.0 xxx.xxx.9.129 1

Go ahead and let me know if this works out for us.

Thanks,

Varun

KingPrawns Sun, 07/17/2011 - 05:41

I've added in the route and still not getting anything from the outside packet capture. The router on xxx.xxx.9.129 responds to ping from the firewall, so in theory I should be able to ping it from the server too?

Here is the current config:

bt# sho run

: Saved

:

ASA Version 8.4(1)

!

hostname bt

domain-name mcserv.co.uk

enable password 8Ry2YjIyt7RRXU24 encrypted

passwd 2KFQnbNIdI.2KYOU encrypted

names

!

interface Vlan1

nameif inside

security-level 100

ip address 10.20.3.1 255.255.255.0

!

interface Vlan2

nameif outside

security-level 0

ip address xxx.xxx.9.130 255.255.255.192

!

interface Ethernet0/0

switchport access vlan 2

!

interface Ethernet0/1

!

interface Ethernet0/2

!

interface Ethernet0/3

!

interface Ethernet0/4

!

interface Ethernet0/5

!

interface Ethernet0/6

!

interface Ethernet0/7

!

ftp mode passive

dns server-group DefaultDNS

domain-name mcserv.co.uk

object network obj_any

subnet 0.0.0.0 0.0.0.0

object network Sar

host 10.20.3.151

object network Sar_Outside

host xxx.xxx.9.151

object-group network WebServers

network-object object Sar_Outside

object-group service WebsiteTraffic

description Website required services

service-object tcp destination eq www

service-object tcp destination eq https

service-object tcp destination eq smtp

access-list outside_access_in extended permit tcp any object Sar_Outside eq 3389

access-list outside_access_in extended permit object-group WebsiteTraffic any object-group WebServers

access-list cap extended permit ip host 10.20.3.151 host 4.2.2.2

access-list cap extended permit ip host 4.2.2.2 host 10.20.3.151

access-list cap extended permit ip host 4.2.2.2 host xxx.xxx.9.151

access-list cap extended permit ip host xxx.xxx.9.151 host 4.2.2.2

pager lines 24

logging asdm informational

mtu inside 1500

mtu outside 1500

icmp unreachable rate-limit 1 burst-size 1

icmp permit any inside

icmp permit any outside

no asdm history enable

arp timeout 14400

!

object network obj_any

nat (inside,outside) dynamic interface

object network Sar

nat (inside,outside) static Sar_Outside

access-group outside_access_in in interface outside

route outside 0.0.0.0 0.0.0.0 xxx.xxx.9.129 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

timeout tcp-proxy-reassembly 0:01:00

dynamic-access-policy-record DfltAccessPolicy

http server enable

http 192.168.1.0 255.255.255.0 inside

http 10.20.3.0 255.255.255.0 inside

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart

telnet timeout 5

ssh timeout 5

console timeout 0

dhcpd auto_config outside

!

threat-detection basic-threat

threat-detection statistics access-list

no threat-detection statistics tcp-intercept

webvpn

!

class-map global-class

match default-inspection-traffic

!

!

policy-map type inspect dns dns-map

parameters

  message-length maximum client 512

  message-length maximum 512

policy-map global-policy

class global-class

  inspect dns dns-map

  inspect ftp

  inspect icmp

  inspect icmp error

  inspect http

  inspect rtsp

  inspect rsh

  inspect sip

  inspect skinny

  inspect sqlnet

  inspect tftp

!

service-policy global-policy global

prompt hostname context

call-home

profile CiscoTAC-1

  no active

  destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService

  destination address email callhome@cisco.com

  destination transport-method http

  subscribe-to-alert-group diagnostic

  subscribe-to-alert-group environment

  subscribe-to-alert-group inventory periodic monthly

  subscribe-to-alert-group configuration periodic monthly

  subscribe-to-alert-group telemetry periodic daily

Cryptochecksum:f36d6cfcf9791d95e642ae7c4289ed05

: end

varrao Sun, 07/17/2011 - 06:27

Hi Wez,

Now that we have the route in place, can you take the captures again, to see if the packets are getting to the outside interface, unlike earlier.

and also plz provide the complete output of :

packet-tracer input inside tcp 10.20.3.151 2345 1.1.1.1 80 detailed.

Thanks,

Varun

KingPrawns Sun, 07/17/2011 - 10:42

Ok, we have progress!

I can now access the internet (www.google.com) from the server, however I can't seem to RDP to it or connect to any of the websites. I'm guessing these are access control issues?

Btw, Here is the output of the packet-tacer and capture:

Phase: 1

Type: CAPTURE

Subtype:

Result: ALLOW

Config:

Additional Information:

Forward Flow based lookup yields rule:

in  id=0xca88f500, priority=13, domain=capture, deny=false

        hits=1779, user_data=0xca88f400, cs_id=0x0, l3_type=0x0

        src mac=0000.0000.0000, mask=0000.0000.0000

        dst mac=0000.0000.0000, mask=0000.0000.0000

        input_ifc=inside, output_ifc=any

Phase: 2

Type: ACCESS-LIST

Subtype:

Result: ALLOW

Config:

Implicit Rule

Additional Information:

Forward Flow based lookup yields rule:

in  id=0xcabe35b8, priority=1, domain=permit, deny=false

        hits=1631, user_data=0x0, cs_id=0x0, l3_type=0x8

        src mac=0000.0000.0000, mask=0000.0000.0000

        dst mac=0000.0000.0000, mask=0100.0000.0000

        input_ifc=inside, output_ifc=any

Phase: 3

Type: ROUTE-LOOKUP

Subtype: input

Result: ALLOW

Config:

Additional Information:

in   0.0.0.0         0.0.0.0         outside

Phase: 4

Type: IP-OPTIONS

Subtype:

Result: ALLOW

Config:

Additional Information:

Forward Flow based lookup yields rule:

in  id=0xcabe5db0, priority=0, domain=inspect-ip-options, deny=true

        hits=60, user_data=0x0, cs_id=0x0, reverse, flags=0x0, protocol=0

        src ip/id=0.0.0.0, mask=0.0.0.0, port=0

        dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0

        input_ifc=inside, output_ifc=any

Phase: 5

Type: INSPECT

Subtype: np-inspect

Result: ALLOW

Config:

class-map global-class

match default-inspection-traffic

policy-map global-policy

class global-class

  inspect http

service-policy global-policy global

Additional Information:

Forward Flow based lookup yields rule:

in  id=0xcb225d98, priority=70, domain=inspect-http, deny=false

        hits=2, user_data=0xcb225b90, cs_id=0x0, use_real_addr, flags=0x0, protocol=6

        src ip/id=0.0.0.0, mask=0.0.0.0, port=0

        dst ip/id=0.0.0.0, mask=0.0.0.0, port=80, dscp=0x0

        input_ifc=inside, output_ifc=any

Phase: 6

Type: NAT

Subtype:

Result: ALLOW

Config:

object network Sar

nat (inside,outside) static Sar_Outside

Additional Information:

Static translate 10.20.3.151/2345 to xxx.xxx.9.151/2345

Forward Flow based lookup yields rule:

in  id=0xcabc7510, priority=6, domain=nat, deny=false

        hits=53, user_data=0xcabc8c40, cs_id=0x0, use_real_addr, flags=0x0, protocol=0

        src ip/id=10.20.3.151, mask=255.255.255.255, port=0

        dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0

        input_ifc=inside, output_ifc=outside

Phase: 7

Type: IP-OPTIONS

Subtype:

Result: ALLOW

Config:

Additional Information:

Reverse Flow based lookup yields rule:

in  id=0xcac54358, priority=0, domain=inspect-ip-options, deny=true

        hits=58, user_data=0x0, cs_id=0x0, reverse, flags=0x0, protocol=0

        src ip/id=0.0.0.0, mask=0.0.0.0, port=0

        dst ip/id=0.0.0.0, mask=0.0.0.0, port=0, dscp=0x0

        input_ifc=outside, output_ifc=any

Phase: 8

Type: FLOW-CREATION

Subtype:

Result: ALLOW

Config:

Additional Information:

New flow created with id 66, packet dispatched to next module

Module information for forward flow ...

snp_fp_tracer_drop

snp_fp_inspect_ip_options

snp_fp_tcp_normalizer

snp_fp_inspect_http

snp_fp_translate

snp_fp_adjacency

snp_fp_fragment

snp_ifc_stat

Module information for reverse flow ...

snp_fp_tracer_drop

snp_fp_inspect_ip_options

snp_fp_translate

snp_fp_tcp_normalizer

snp_fp_inspect_http

snp_fp_adjacency

snp_fp_fragment

snp_ifc_stat

Result:

input-interface: inside

input-status: up

input-line-status: up

output-interface: outside

output-status: up

output-line-status: up

Action: allow

---------------

bt(config)# sho cap capo

8 packets captured

   1: 05:27:07.728493 802.1Q vlan#2 P0 xxx.xxx.9.151 > 4.2.2.2: icmp: echo request

   2: 05:27:12.494252 802.1Q vlan#2 P0 xxx.xxx.9.151 > 4.2.2.2: icmp: echo request

   3: 05:28:08.333967 802.1Q vlan#2 P0 xxx.xxx.9.151 > 4.2.2.2: icmp: echo request

   4: 05:28:13.226382 802.1Q vlan#2 P0 xxx.xxx.9.151 > 4.2.2.2: icmp: echo request

   5: 10:24:25.168204 802.1Q vlan#2 P0 xxx.xxx.9.151 > 4.2.2.2: icmp: echo request

   6: 10:24:30.242358 802.1Q vlan#2 P0 xxx.xxx.9.151 > 4.2.2.2: icmp: echo request

   7: 10:24:34.874359 802.1Q vlan#2 P0 xxx.xxx.9.151 > 4.2.2.2: icmp: echo request

   8: 10:24:39.506443 802.1Q vlan#2 P0 xxx.xxx.9.151 > 4.2.2.2: icmp: echo request

8 packets shown

Correct Answer
varrao Sun, 07/17/2011 - 10:51

Great!!!! , yes it is an access-list issue.

we need to have  the following access-list:

access-list outside_access_in extended permit tcp any object Sar eq 3389

we would need to use the real ip of the server and not public ip, in version 8.3 or above.

This shoudl definitely resolve the issue for you.

Hope this helps,

Thanks,

Varun

KingPrawns Sun, 07/17/2011 - 10:54

Awesome, that's got me into RDP now. I'm guessing I need to do the same thing to allow port 80 traffic in too?

Edit, got it, just changed the port number after eq.

Thanks for everything, you've been a godsend. If you're ever in town, beers are on me!

varrao Sun, 07/17/2011 - 10:58

Absolutely, happy it resolved the issue for you

-Varun

varrao Sun, 07/17/2011 - 11:08

Thanks a lot Wez for your ratings.....all the best and take care

-Varun

KingPrawns Thu, 09/22/2011 - 04:41

Hey, sorry to dig up an old thread but I'm having a similar problem when moving a new server to this vlan/subnet.

Weirdly I can ping anything on the internet from the server (call it 10.20.3.148 or Dev1 ) but when I try access the internet, it fails. Something is stopping port 80 traffic

The following packet trace shows that all traffic is allowed:

     packet-tracer input inside tcp 10.20.3.148 2345 1.1.1.1 80 detailed

Results:

     input-interface: inside

     input-status: up

     input-line-status: up

     output-interface: outside

     output-status: up

     output-line-status: up

     Action: allow

Here are my rules, I tried to copy the existing server (Sar) but with no success

bt(config)# sho run access-list

access-list outside_access_in extended permit tcp any object Sar_Outside eq 3389

access-list outside_access_in extended permit object-group WebsiteTraffic any object-group WebServers

access-list outside_access_in extended permit tcp any host xxx.xxx.9.151 object-group RemoteDesktop

access-list outside_access_in extended permit tcp any object Sar eq 3389

access-list outside_access_in extended permit tcp any object Sar eq www

access-list outside_access_in extended permit tcp any object Sar eq https

access-list outside_access_in extended permit tcp any object Sar eq ftp-data

access-list outside_access_in extended permit tcp any object Sar eq ftp

access-list outside_access_in extended permit tcp any object Sar eq 1433

access-list outside_access_in extended permit tcp any object Dev1 eq www

access-list outside_access_in extended permit tcp any object Dev1_Outside eq www

bt(config)# sho run object-group

object-group network WebServers

network-object object Sar_Outside

network-object object Dev1_Outside

network-object object Dev1

object-group service WebsiteTraffic

description Website required services

service-object tcp destination eq www

service-object tcp destination eq https

service-object tcp destination eq smtp

object-group service RemoteDesktop tcp

port-object range 3389 3389

bt(config)# sho run nat

!

object network obj_any

nat (inside,outside) dynamic interface

object network Sar

nat (inside,outside) static Sar_Outside

object network Dev1

nat (inside,outside) static Dev1_Outside

bt(config)# sho run object

object network obj_any

subnet 0.0.0.0 0.0.0.0

object network Sar

host 10.20.3.151

object network Sar_Outside

host xxx.xxx.9.151

object network Dev1

host 10.20.3.148

object network Dev1_Outside

host xxx.xxx.9.148

varrao Thu, 09/22/2011 - 04:45

Hi Wez,

welcome back

It seems to be a DNS issue , since you are able to ping internet but not access website, can you put the DNS server Ip to be 4.2.2.2 on the host machine and try again???

Thanks,

Varun

KingPrawns Thu, 09/22/2011 - 05:03

Ah, that's fixed me going out on port 80 ( i can access google at least!) but what about connections coming in?

When trying to browse to a website on the server externally I just get a connection refused error. Guessing that's the firewall side?

varrao Thu, 09/22/2011 - 05:07

Could be possible!!!!

I woudl request you provide me the following details:

Ip address of the server

Public ip used for this server

Is it behind the Inside interface??

I'll let you know the config for it.

Thanks,

Varun

varrao Thu, 09/22/2011 - 05:58

Hi Wez,

Thanks for the information, I have gone through it and I would suggest that the configuration is fine, casn you test with packet-captures, as I had suggested you earlier in the thread and check where the packets are getting dropped??

Thanks,

Varun

varrao Thu, 09/22/2011 - 05:58

Make sure the port on the server is open as well.

KingPrawns Thu, 09/22/2011 - 06:34

Ran a port scan via (https://www.grc.com/) and it's come up with port 80 being closed. I don't think it's an issue on the server itself as I've just scanned an identical server from the subnet it came from and port 80 came up as open.

I get how packet caps work for pinging, does it function the same way for web traffic?

Obviously I can't browse from 4.2.2.2, do I need to get an external IP and try connect from there?

varrao Thu, 09/22/2011 - 06:43

Hi Wez,

Yes, you need to access the url from outside for it, for applying captures use this:

access-list cap permit ip any host xx.xx.xx.148

access-list cap permit ip host xx.xx.xx.148 any

access-list cap permit ip any host 10.150.3.148

access-list cap permit ip host 10.150.3.148 any

cap capo access-list cap interface outside

cap capin access-list cap interface inside

after this try accessiong the url from outside, and then collect the following outputs on ASA.

show cap capo

show cap capin

This shoudl tell where packets are being dropped.

Thanks,

Varun

varrao Thu, 09/22/2011 - 07:09

Hi Wez,

Thanks for the data, as you can see in the captures, as soon as the firewall sends a request for the connection, the server is sending a Reset for it, so I woudl suggest you to troubleshoot why the server is sending a reset. Ceck if any firewall on the server is blocking the connection. Try putting an exception for the port 80.

S -------> SYN      (initial connection request)

R -------> Reset

Hope this helps.

Thanks,

Varun

KingPrawns Thu, 09/22/2011 - 07:13

I think I've fixed it!

The captures were returning with it all clear, so I did some digging and it looks like there was an entry in the registry for the old ip address that stopped IIS from returning any sites.

(HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Pa rameters\ListenOnlyList in case anyone else has the problem.)

Once again, much appreciated!

varrao Thu, 09/22/2011 - 07:16

Hey thats great!!!!!!!! Thanks for the rating

-Varun

Actions

Login or Register to take actions

This Discussion

Posted July 15, 2011 at 4:59 AM
Stats:
Replies:32 Avg. Rating:4.5
Views:2132 Votes:0
Shares:0

Related Content

Discussions Leaderboard

Rank Username Points
1 7,861
2 6,140
3 3,170
4 1,473
5 1,446