11-25-2010 05:39 AM - edited 01-27-2018 01:14 AM
11-25-2010 06:20 AM
Hi,
To allow certain ports from one interface to another you need to check that those ports are allowed on the ACL applied on the ASA.
If you're able to PING there's connectivity.. just check the ACL.
Also, if the traffic is through the VPN, normally all IP traffic is permitted (no ports filtered).
If you want to run a test you can use Packet-Tracer to simulate the connection on those ports and have the ASA respond if the connection should be allowed or denied by any reason.
Federico.
11-25-2010 06:49 AM - edited 01-27-2018 01:06 AM
Hi thank you for the answer,
There is no ACL which may block this also packet tracer show that everything is OK.
Traffic is through the VPN and yes all IP traffic is permitted.
11-25-2010 07:57 AM
Ok, the communication is from an IP in the inside of this ASA through the tunnel to reach an inside device on the other end?
What are the src/dst IPs?
Federico.
11-25-2010 08:12 AM - edited 01-27-2018 01:14 AM
...
11-25-2010 08:29 AM
Ok, the configuration seems fine and should allow communication over those ports to the remote server.
As packet-tracer indicates the packets should be allowed.
Question...
Can you check that the connection on those ports are reaching the server itself?
Check on the server if it's receiving packets on those ports, perhaps is just the application not working properly...
Federico.
11-25-2010 08:38 AM - edited 01-27-2018 01:04 AM
Hi,
many thanks for helping me....
11-26-2010 10:06 AM - edited 01-27-2018 01:05 AM
I found this in my logs?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide