https://community.cisco.com/t5/network-security/access-problem/m-p/1424425#M749916 <HTML><HEAD></HEAD><BODY><P>Dont worry guys, i have identified and solved the issue. It is working fine now.</P></BODY></HTML> Tue, 09 Feb 2010 00:44:58 GMT amar_5664 2010-02-09T00:44:58Z https://community.cisco.com/t5/network-security/access-problem/m-p/1424424#M749901 <P>Hi guys,</P><P></P><P>I am running multiple context mode on our ASA, now trying to setup access for one of our developers to access a server. Basically what he is doing is he is RDPing into a box in DMZ and from there <A href="http://xxxxx:1727" target="_blank">http://xxxxx:1727</A> port. Now i have configured the access rules and everything and when i do a packet trace from firewall it is allowing the packet so doesnt seem to be a access rule issue, however when the developer is trying to access from that RDP box he is unable to connect.....</P><P>please refer to below log when he is trying to connect...teardown caused by SYN timeout .. would need your expertise on what could cause the issue</P><P></P><P>6 Feb 08 2010 10:43:25 302013 SRVDWX3550X002 50619 VSVWIN2008E033 1727 Built inbound TCP connection 41451469 for DMZ-I-SAS:SRVDWX3550X002/50619 (SRVDWX3550X002_NAT/50619) to Internal-SAS:VSVWIN2008E033/1727 (VSVWIN2008E033_NAT/1727)</P><P>6 Feb 08 2010 10:43:56 302014 SRVDWX3550X002 50619 VSVWIN2008E033 1727 Teardown TCP connection 41451469 for DMZ-I-SAS:SRVDWX3550X002/50619 to Internal-SAS:VSVWIN2008E033/1727 duration 0:00:30 bytes 0 <STRONG>SYN Timeout</STRONG></P><P></P><P>to RDP in i have created a different context so all the management sort of traffic uses that context... he RDPs into x.x.64.101 address and the actual access rule applied for source is x.x.74.101.... would it be causing any issue i dont think so...</P><P></P><P>Below is the log when i run capture on firewall the teardown here is caused due to TCP Reset-O which is alright</P><P></P><P><TABLE><TBODY><TR><TD>6</TD><TD>Feb 08 2010</TD><TD>11:18:02</TD><TD>302013</TD><TD>SRVDWX3550X002_NAT</TD><TD>1727</TD><TD>VSVWIN2008E033</TD><TD>1727</TD><TD>Built inbound TCP connection 41476146 for DMZ-I-SAS:SRVDWX3550X002_NAT/1727 (SRVDWX3550X002_NAT/1727) to Internal-SAS:VSVWIN2008E033/1727 (VSVWIN2008E033/1727)</TD></TR></TBODY></TABLE></P><P><TABLE><TBODY><TR><TD>6</TD><TD>Feb 08 2010</TD><TD>11:18:32</TD><TD>302014</TD><TD>SRVDWX3550X002_NAT</TD><TD>1727</TD><TD>VSVWIN2008E033</TD><TD>1727</TD><TD>Teardown TCP connection 41476146 for DMZ-I-SAS:SRVDWX3550X002_NAT/1727 to Internal-SAS:VSVWIN2008E033/1727 duration 0:00:30 bytes 0 <STRONG>TCP Reset-O</STRONG></TD></TR></TBODY></TABLE></P> Mon, 11 Mar 2019 17:06:03 GMT https://community.cisco.com/t5/network-security/access-problem/m-p/1424424#M749901 amar_5664 2019-03-11T17:06:03Z https://community.cisco.com/t5/network-security/access-problem/m-p/1424425#M749916 <HTML><HEAD></HEAD><BODY><P>Dont worry guys, i have identified and solved the issue. It is working fine now.</P></BODY></HTML> Tue, 09 Feb 2010 00:44:58 GMT https://community.cisco.com/t5/network-security/access-problem/m-p/1424425#M749916 amar_5664 2010-02-09T00:44:58Z