Application trouble over site-site vpn link

ov
Level 1

I have some problems with a program that won't initiate over a VPN link. Users on the 192.168.99.0 side start the program client. The client then contacts its database on 192.169.98.12 to load the program. The user credentials clearly get checked, as a wrong password is denied. The client tries to load the program, but hangs.

Here's the log on the 192.168.98.0 side:

6|Oct 24 2008|09:14:39|106015|192.168.98.12|2812|192.168.99.102|2562|Deny TCP (no connection) from 192.168.98.12/2812 to 192.168.99.102/2562 flags ACK on interface inside

6|Oct 24 2008|09:14:39|106015|192.168.98.12|2812|192.168.99.102|2562|Deny TCP (no connection) from 192.168.98.12/2812 to 192.168.99.102/2562 flags PSH ACK on interface inside

6|Oct 24 2008|09:14:39|302014|192.168.99.102|2562|192.168.98.12|2812|Teardown TCP connection 21782 for Outside:192.168.99.102/2562 to inside:192.168.98.12/2812 duration 0:00:04 bytes 28870 Flow closed by inspection

4|Oct 24 2008|09:14:39|507001|192.168.99.102|2562|192.168.98.12|2812|Terminating TCP-Proxy connection from Outside:192.168.99.102/2562 to inside:192.168.98.12/2812 - reassembly limit of 8192 bytes exceeded

6|Oct 24 2008|09:14:35|302014|192.168.99.102|2560|192.168.98.12|1521|Teardown TCP connection 21781 for Outside:192.168.99.102/2560 to inside:192.168.98.12/1521 duration 0:00:00 bytes 296 TCP FINs

6|Oct 24 2008|09:14:35|302013|192.168.99.102|2562|192.168.98.12|2812|Built inbound TCP connection 21782 for Outside:192.168.99.102/2562 (192.168.99.102/2562) to inside:192.168.98.12/2812 (192.168.98.12/2812)

6|Oct 24 2008|09:14:35|302013|192.168.99.102|2560|192.168.98.12|1521|Built inbound TCP connection 21781 for Outside:192.168.99.102/2560 (192.168.99.102/2560) to inside:192.168.98.12/1521 (192.168.98.12/1521)

6|Oct 24 2008|09:14:16|302021|192.168.99.102|512|192.168.98.12|0|Teardown ICMP connection for faddr 192.168.99.102/512 gaddr 192.168.98.12/0 laddr 192.168.98.12/0

6|Oct 24 2008|09:14:16|302021|192.168.99.102|512|192.168.98.12|0|Teardown ICMP connection for faddr 192.168.99.102/512 gaddr 192.168.98.12/0 laddr 192.168.98.12/0

6|Oct 24 2008|09:14:14|302013|192.168.99.102|2557|192.168.98.12|139|Built inbound TCP connection 21774 for Outside:192.168.99.102/2557 (192.168.99.102/2557) to inside:192.168.98.12/139 (192.168.98.12/139)

6|Oct 24 2008|09:14:14|302015|192.168.99.102|137|192.168.98.12|137|Built inbound UDP connection 21773 for Outside:192.168.99.102/137 (192.168.99.102/137) to inside:192.168.98.12/137 (192.168.98.12/137)

6|Oct 24 2008|09:14:13|302014|192.168.99.102|2556|192.168.98.12|445|Teardown TCP connection 21772 for Outside:192.168.99.102/2556 to inside:192.168.98.12/445 duration 0:00:01 bytes 0 TCP Reset-I

6|Oct 24 2008|09:14:12|302013|192.168.99.102|2556|192.168.98.12|445|Built inbound TCP connection 21772 for Outside:192.168.99.102/2556 (192.168.99.102/2556) to inside:192.168.98.12/445 (192.168.98.12/445)

6|Oct 24 2008|09:14:12|302020|192.168.98.12|0|192.168.99.102|512|Built outbound ICMP connection for faddr 192.168.99.102/512 gaddr 192.168.98.12/0 laddr 192.168.98.12/0

6|Oct 24 2008|09:14:12|302020|192.168.99.102|512|192.168.98.12|0|Built inbound ICMP connection for faddr 192.168.99.102/512 gaddr 192.168.98.12/0 laddr 192.168.98.12/0

Everything else, communication-wise, works flawlessly on this link.

Any ideas?

All help appreciated!

Regards

Ole V

2 Replies

ov
Level 1

Forgot to mention that this site-site VPN is made by 2 ASA5505s.

asa804-k8 software on both

ov
Level 1

Sorry for the bump, but surely someone must have something clever to say about this log?

There are three lines here that I think might be the source of the "Deny TCP (no connection)..." entries:

6|Oct 24 2008|09:14:13|302014|192.168.99.102|2556|192.168.98.12|445|Teardown TCP connection 21772 for Outside:192.168.99.102/2556 to inside:192.168.98.12/445 duration 0:00:01 bytes 0 TCP Reset-I

Oct 24 2008|09:14:39|507001|192.168.99.102|2562|192.168.98.12|2812|Terminating TCP-Proxy connection from Outside:192.168.99.102/2562 to inside:192.168.98.12/2812 - reassembly limit of 8192 bytes exceeded

Oct 24 2008|09:14:39|302014|192.168.99.102|2562|192.168.98.12|2812|Teardown TCP connection 21782 for Outside:192.168.99.102/2562 to inside:192.168.98.12/2812 duration 0:00:04 bytes 28870 Flow closed by inspection
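
Added example, not part of the original posts: a short Python script that ties each 106015 "Deny TCP (no connection)" entry to the teardown (302014) or TCP-Proxy termination (507001) logged for the same pair of endpoints. The field layout is inferred from the log lines in the post, and the function names `parse` and `explain_denies` are hypothetical.

```python
import re

# Log lines copied from the post above. Assumed layout of the pipe-delimited export:
# severity|date|time|message id|src ip|src port|dst ip|dst port|text
LOG = """\
6|Oct 24 2008|09:14:39|106015|192.168.98.12|2812|192.168.99.102|2562|Deny TCP (no connection) from 192.168.98.12/2812 to 192.168.99.102/2562 flags ACK on interface inside
6|Oct 24 2008|09:14:39|106015|192.168.98.12|2812|192.168.99.102|2562|Deny TCP (no connection) from 192.168.98.12/2812 to 192.168.99.102/2562 flags PSH ACK on interface inside
6|Oct 24 2008|09:14:39|302014|192.168.99.102|2562|192.168.98.12|2812|Teardown TCP connection 21782 for Outside:192.168.99.102/2562 to inside:192.168.98.12/2812 duration 0:00:04 bytes 28870 Flow closed by inspection
4|Oct 24 2008|09:14:39|507001|192.168.99.102|2562|192.168.98.12|2812|Terminating TCP-Proxy connection from Outside:192.168.99.102/2562 to inside:192.168.98.12/2812 - reassembly limit of 8192 bytes exceeded
6|Oct 24 2008|09:14:13|302014|192.168.99.102|2556|192.168.98.12|445|Teardown TCP connection 21772 for Outside:192.168.99.102/2556 to inside:192.168.98.12/445 duration 0:00:01 bytes 0 TCP Reset-I
"""

def parse(text):
    """Split each line into its fields and attach a direction-independent flow key."""
    events = []
    for line in text.splitlines():
        parts = line.split("|", 8)
        if len(parts) != 9:
            continue  # skip lines that lack the full nine-field prefix
        _sev, _date, time, msg_id, sip, sport, dip, dport, msg = parts
        # Same key for both directions, so a server-side deny matches the
        # client-initiated connection it belonged to.
        flow = frozenset([(sip, sport), (dip, dport)])
        events.append({"id": msg_id, "time": time, "flow": flow, "text": msg})
    return events

def explain_denies(events):
    """For every 106015 deny, list the close reasons logged for the same flow."""
    reasons = {}
    for e in events:
        if e["id"] == "302014":    # teardown: reason follows the byte count
            reason = re.sub(r".* bytes \d+ ", "", e["text"])
        elif e["id"] == "507001":  # TCP-Proxy termination: reason follows " - "
            reason = e["text"].rsplit(" - ", 1)[-1]
        else:
            continue
        reasons.setdefault(e["flow"], []).append((e["id"], reason))
    # Timestamps have one-second resolution, so matching is by flow only.
    return [(e["text"], reasons.get(e["flow"], []))
            for e in events if e["id"] == "106015"]

if __name__ == "__main__":
    for deny, why in explain_denies(parse(LOG)):
        print(deny, "<-", why)
```

On the lines from the post, both denies key to the 2562/2812 flow that logged 507001, while the port 445 Reset-I teardown belongs to a different flow.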
