https://community.cisco.com/t5/network-security/firewall-connection-log/m-p/1274330#M824547 <HTML><HEAD></HEAD><BODY><P>The capture shows the client (202.94.66.21) sending a TCP SYN, followed by 46.56.76.34 sending a TCP RST.</P><P></P><P>This means that either the NAT is not configured properly, or the access-list is not permitting the inbound traffic, or the traffic goes through but the server is not listening to port 443.</P><P></P><P>Check the syslogs, check the same capture on the inside interface, check if you can connect to the server (on its private ip addess) from a client on the inside.</P></BODY></HTML> Mon, 09 Nov 2009 09:00:12 GMT Herbert Baerten 2009-11-09T09:00:12Z https://community.cisco.com/t5/network-security/firewall-connection-log/m-p/1274329#M824524 <P>WOuld need advise on the attached logs from a connection , obtained by tcpdump on a firewall.</P><P>46.56.76.34 is the global ip of ours which is been NAT on the device. the private ip for this hosts a website, which is inaccessible.</P><P>202.94.66.21 is the internet ip used to check if the site is reachable.</P><P>Please suggest what does these logs indicate.</P><P>Thanks! </P><P></P><P> </P><P></P> Mon, 11 Mar 2019 16:37:24 GMT https://community.cisco.com/t5/network-security/firewall-connection-log/m-p/1274329#M824524 suthomas1 2019-03-11T16:37:24Z https://community.cisco.com/t5/network-security/firewall-connection-log/m-p/1274330#M824547 <HTML><HEAD></HEAD><BODY><P>The capture shows the client (202.94.66.21) sending a TCP SYN, followed by 46.56.76.34 sending a TCP RST.</P><P></P><P>This means that either the NAT is not configured properly, or the access-list is not permitting the inbound traffic, or the traffic goes through but the server is not listening to port 443.</P><P></P><P>Check the syslogs, check the same capture on the inside interface, check if you can connect to the server (on its private ip addess) from a client on the inside.</P></BODY></HTML> Mon, 09 Nov 2009 09:00:12 GMT https://community.cisco.com/t5/network-security/firewall-connection-log/m-p/1274330#M824547 Herbert Baerten 2009-11-09T09:00:12Z https://community.cisco.com/t5/network-security/firewall-connection-log/m-p/1274331#M824553 <HTML><HEAD></HEAD><BODY><P>The logs which are attached in the notepad give me a feeling,when connection is intiated from 202.94.66.21 to 46.56.76.34 on port 443 the server which is 46.56.76.34 is replying with a RST packet.so this could be the server is not listening on port 443</P></BODY></HTML> Tue, 10 Nov 2009 14:14:48 GMT https://community.cisco.com/t5/network-security/firewall-connection-log/m-p/1274331#M824553 austin522 2009-11-10T14:14:48Z