This message is NOT what you got when you tried to ping, this message is detailing a TCP Telnet connection, this is I presume when you tried to Telnet?
Anyway, it shows the PIX opening up a connection, but then tearing it down straight away because it received a TCP RST packet from the host on the DMZ interface (Reset-O). Looks like the PIX is doing the right thing, and the host you're trying to telnet to either doesn't allow Telnet's at all, or doesn't allow telnet's from certain subnets. Does it have something like TCP Wrappers installed on it?
You also didn't answer my previous question, can you telnet directly to this host from a host on the DMZ subnet, taking the PIX out of the equation?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...