Strange issue with FWSM

Hi all,

I have 4 ACS servers beside an FWSM, and I can't reach one of these 4 servers on port 61616 from outside the protected area. ACLs are correctly in place. I have created a loopback with a source IP in the switch the FWSM belongs to and originated my tests from that loopback (telnet, traceroute). In the meantime I was checking the logs on the FWSM, and I got the following:

6|Aug 11 2010|15:40:31|302014|10.134.21.1|10.63.79.68|Teardown TCP connection 146582698546271540 for outside:xx.xx.xx.xx/15361 to fwlb:yy.yy.yy.yy/61616 duration 0:00:00 bytes 184 TCP Reset-O
6|Aug 11 2010|15:40:31|302014|10.134.21.1|10.63.79.68|Teardown TCP connection 146582698546271540 for outside:xx.xx.xx.xx/15361 to fwlb:yy.yy.yy.yy/61616 duration 0:00:00 bytes 184 TCP Reset-O
6|Aug 11 2010|15:40:31|302013|10.134.21.1|10.63.79.68|Built inbound TCP connection 146582698546271540 for outside:xx.xx.xx.xx/15361 (xx.xx.xx.xx/15361) to fwlb:yy.yy.yy.yy/61616 (yy.yy.yy.yy/61616)
6|Aug 11 2010|15:40:31|302013|10.134.21.1|10.63.79.68|Built inbound TCP connection 146582698546271540 for outside:xx.xx.xx.xx/15361 (xx.xx.xx.xx/15361) to fwlb:yy.yy.yy.yy/61616 (yy.yy.yy.yy/61616)

Other servers can reach this server on this port. Issue is only with one source.

Does someone have a clue about what could be happening?

Thanks in advance.

1 REPLY
Cisco Employee

Re: Strange issue with FWSM

Benjamin,

I see Reset-O, meaning the reset is coming from the lower security interface.

Could you please try to collect captures on the FWSM and see what might be going on?

Here is the link for packet capture ASA/PIX/FWSM: https://supportforums.cisco.com/docs/DOC-1222

-KS
