Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5505 TCP Reset-0

Hey folks,

having a bit of issue, i am troubleshooting a problem.

I have 2 interfaces on the ASA.

  1. Inside (192.168.190.0/24)
  2. Guest (10.10.10.0/24)

I can ping the server on the Inside interface (192.168.190.27) from the Guest interface.. but when i try to access the server with http/https no access there.

The server is a Windows server 2008, i tried turning of the firewall but that didn't help

I did a netstat  on the server and for some reason the handshake is stuck in syn-recieved state

I have been monitoring the log on the asdm see pic.. RST.png

Its a bunch of RST packets with TCP reset-0.. What can be the cause of this?

Good to know information

Asa Version: 8.0(4)

Model: 5505

Inside Interface:

Secuirty level 100

Vlan1

Guest Interface:

Security Level 40

vlan23

I did a packet trace and the packet should be allowed..

So any tips and tricks

Thanks

Shane

2 REPLIES
Super Bronze

ASA 5505 TCP Reset-0

Hi,

To my understanding the TCP Reset-O refers to a situation where the host behind the interface with the lower "security-level" Reset the TCP connection.

In this case it would mean that the host connecting to the server does the TCP Reset. I am not quite sure why it would do this. More typical to see the server do the TCP Reset.

Have you tested the connection from any other host or behind any other interface?

- Jouni

New Member

ASA 5505 TCP Reset-0

Cisco definition for tis messages:

The security appliance discarded a TCP packet that has no associated connection in the security appliance connection table. The security appliance looks for a SYN flag in the packet, which indicates a request to establish a new connection. If the SYN flag is not set, and there is not an existing connection, the security appliance discards the packet.


Recommended Action None required unless the security appliance receives a large volume of these invalid TCP packets. If this is the case, trace the packets to the source and determine the reason these packets were sent.

I beleive you need to verify the source is snding a valid packets

Thanks, Anas *--* Please rate the useful post,its free ;) *--*
743
Views
0
Helpful
2
Replies
CreatePlease login to create content