Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

PIX FTP Reset Issue

Dear All,

Lot of our remote clients are getting sudden loss of FTP connectivity.

We run a FTP server behind a PIX with 6.2(2).

Looking through the PIX log I am seeing lots of Resets and wondering if

Someone could explain or give some hint of the cause of these reset entries.

Here is an extract of the PIX log:

302014: Teardown TCP connection 74555 for outside:217.169.34.118/2205 to inside:217.169.46.20/3389 duration 0:01:24 byte

s 21375 TCP Reset-I

302014: Teardown TCP connection 74721 for outside:217.169.34.118/4385 to inside:217.169.46.20/20 duration 0:00:01 bytes

302014: Teardown TCP connection 74961 for outside:193.130.58.161/34218 to inside:217.169.46.22/443 duration 0:03:49 byte

s 129208 TCP Reset-O

302014: Teardown TCP connection 74987 for outside:217.169.34.118/4518 to inside:217.169.46.20/21 duration 0:10:09 bytes

664 TCP Reset-I

302014: Teardown TCP connection 75550 for outside:195.167.165.130/3835 to inside:217.169.46.20/20 duration 0:00:01 bytes

2760 TCP Reset-I

02014: Teardown TCP connection 75826 for outside:195.167.165.130/1465 to inside:217.169.46.20/20 duration 0:00:01 bytes

2760 TCP Reset-I

Regards,

Zahid

4 REPLIES
Gold

Re: PIX FTP Reset Issue

New Member

Re: PIX FTP Reset Issue

Jay,

Thanks for your response.

I am still having problem to understand the reasons for TCP Resets both from inside and outside. Is it something thats being caused by the FTP server or the client ? Or is it the PIX wich in causing the resets ?

Any further help would be greatly appreciated.

Zahid

Re: PIX FTP Reset Issue

The PIX is not going to RST any connections (unless blocked by an ACL and service resetinbound is config'ed). The syslog messages you picked out are simply telling you that the PIX tore the connections down based on seeing a RST packet from either the server (RST-I) or from the client (RST-O). You would probbaly need to sniff the traffic to get a better idea of what is going on. Hope this helps clarify a bit.

Scott

Gold

Re: PIX FTP Reset Issue

Zahid -

Can you try what Scott suggested (use a packet sniffer) to verify were the problems is, the PIX is not re-setting the connection. There's a free/very good sniffer from here: www.ethereal.com

Hope this helps - Thanks, Jay.

231
Views
0
Helpful
4
Replies
CreatePlease to create content