[LAN] <---> ASA 5520 <---> Cisco 2911 <---> [Internet] <---> Server A
Whenever I access a website running in "server A" (only HTTP traffic) everything works fine.
The problem is that when I try to access a different service on the same server but listening on port 2000/tcp I get the TCP Reset-O message on the ASA and the workstation's browser says that "Internet Explorer cannot display the webpage".
A weird thing: if I access this service from a machine on the DMZ, it works fine. From the LAN (Inside) it does not work. The main difference is that from the LAN to OUTSIDE the ASA does NAT. From the DMZ to OUTSIDE it's just routed.
I did another test from the LAN and the captured traffic is attached.
I've been messing around with protocol inspects and firewall + NAT rules on the ASA but no luck at all.
Is the traffic that you are passing on that port web traffic? See the problem is that the firewall has a default inspection policy that will look for Skinny (SCCP) traffic on that specific port. If he sees any other type of information (called FTP, HTTP or any other service) that is not realted to SCCP it will drop the connection.
You can avoid that by disabling the Skinny inspection under the global policy
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...