https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036944#M894600 <HTML><HEAD></HEAD><BODY><P>The Conf file is attached.</P><P></P><P>When i try to upload any files on ftp server (#.#.4.41) then it works fine for 5 to 10 minutes after that connection gets lost. When i try to download anything again it works again for couple of minutes and connection gets reset.</P><P></P><P>Log : 3 Oct 24 2008 14:58:16 305005 #.#.4.41 4882 No translation group found for tcp src inside:123.236.38.235/2288 dst outside:#.#.4.41/4882 Please Advice</P><P></P><P></P><P>123.236.38.235 its a my home public IP and the connection was eastlablished with FTP Server #.#.4.41 which is placed in DMZ Zone but look at the above log which shows the Src is in Inside.</P><P></P><P></P><P> </P><P></P></BODY></HTML> Fri, 24 Oct 2008 17:40:54 GMT ray_stone 2008-10-24T17:40:54Z https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036940#M894596 <P>I have been experiencing FTP connection reset issue while uploading files.</P><P></P><P>I have reviewed the logs and found log 305005: </P><P></P><P>3|Oct 24 2008|02:23:51|305005|*.*.4.41|3983|||No translation group found for tcp src inside:*.*.71.252/4708 dst dmz:65.205.4.41/3983</P><P></P><P>Can anyone help me out what should i do to fix this issue ASAP.</P><P></P> Mon, 11 Mar 2019 14:02:07 GMT https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036940#M894596 ray_stone 2019-03-11T14:02:07Z https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036941#M894597 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>Seems to be a NAT problem.</P><P></P><P>Can you post the config and let me know from where you try to connect and to where?</P><P></P><P>Thanks,</P><P>Krisztian</P></BODY></HTML> Fri, 24 Oct 2008 10:31:38 GMT https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036941#M894597 kerek 2008-10-24T10:31:38Z https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036942#M894598 <HTML><HEAD></HEAD><BODY><P>Hi, </P><P></P><P>To do trobleshoot, I captured the packets on DMZ interface and found Spoofing Attack from Inside Network and whatever the connection is made on outside to DMZ for FTP access, the same connection is also making from Inside to DMZ Network and while it makes the connection then FW reset all connection. </P><P>Exp :</P><P></P><P>Outside Machine : 1.1.1.1</P><P>DMZ FTP Server : 2.2.2.2</P><P>Inside Network : 192.168.10.0/24</P><P></P><P>The connection between 1.1.1.1 and 2.2.2.2 is created and its working fine but when the same connection makes on Inside Interface which is already made on DMZ Interface then the FW reset the all connections and the geniune connections also gets denied.</P><P></P><P>Please Advice how to resolve this issue as I have checked through Sniffer on Inside host and found nothing any unwanted things.</P></BODY></HTML> Fri, 24 Oct 2008 12:11:17 GMT https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036942#M894598 ray_stone 2008-10-24T12:11:17Z https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036943#M894599 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>Can you post the config?</P><P></P><P>Krisztian</P></BODY></HTML> Fri, 24 Oct 2008 12:31:42 GMT https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036943#M894599 kerek 2008-10-24T12:31:42Z https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036944#M894600 <HTML><HEAD></HEAD><BODY><P>The Conf file is attached.</P><P></P><P>When i try to upload any files on ftp server (#.#.4.41) then it works fine for 5 to 10 minutes after that connection gets lost. When i try to download anything again it works again for couple of minutes and connection gets reset.</P><P></P><P>Log : 3 Oct 24 2008 14:58:16 305005 #.#.4.41 4882 No translation group found for tcp src inside:123.236.38.235/2288 dst outside:#.#.4.41/4882 Please Advice</P><P></P><P></P><P>123.236.38.235 its a my home public IP and the connection was eastlablished with FTP Server #.#.4.41 which is placed in DMZ Zone but look at the above log which shows the Src is in Inside.</P><P></P><P></P><P> </P><P></P></BODY></HTML> Fri, 24 Oct 2008 17:40:54 GMT https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036944#M894600 ray_stone 2008-10-24T17:40:54Z https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036945#M894601 <HTML><HEAD></HEAD><BODY><P>It look like as an attack (Spoof) but dont able to understand how to find out the root cause. Please share your experience. Thanks!!</P></BODY></HTML> Fri, 24 Oct 2008 17:43:36 GMT https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036945#M894601 ray_stone 2008-10-24T17:43:36Z https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036946#M894602 <HTML><HEAD></HEAD><BODY><P>Can anyone advice on this. Thanks</P></BODY></HTML> Sat, 25 Oct 2008 01:45:41 GMT https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036946#M894602 ray_stone 2008-10-25T01:45:41Z https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036947#M894603 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>In your first post you mentioned ftp, but the ports are not really ftp ports (unless u use passive ftp).</P><P>I don't really understand how the traffic which is coming through the outside is seen as inside.</P><P></P><P>Krisztian</P></BODY></HTML> Mon, 27 Oct 2008 08:51:41 GMT https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036947#M894603 kerek 2008-10-27T08:51:41Z https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036948#M894604 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>The other problem can cause problems is using a translated IP which actually resides on the Outside i.e. static (dmz,Inside) #.#.4.41 192.168.200.11 netmask 255.255.255.255 dns</P><P>I have tried out similar mapping on my ASA and got 'portmap translation creation failed'.</P><P></P><P>Try to use something different IP (or not translate at all).</P><P></P><P>Hope it helps,</P><P>Krisztian</P></BODY></HTML> Mon, 27 Oct 2008 09:04:46 GMT https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036948#M894604 kerek 2008-10-27T09:04:46Z https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036949#M894605 <HTML><HEAD></HEAD><BODY><P>I have delteted that entry but still getting same error message and it's resetting the connections too. After removing that entry I have done reload the FW but still getting same error. Pl. help. </P></BODY></HTML> Mon, 27 Oct 2008 13:58:14 GMT https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036949#M894605 ray_stone 2008-10-27T13:58:14Z https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036950#M894606 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>Can you do from cli:</P><P>show log | inc 65.205.4.41</P><P>just to see what's happening?</P><P>Can you also post the output of 'show xlate'</P><P></P><P>Krisztian</P></BODY></HTML> Mon, 27 Oct 2008 14:25:10 GMT https://community.cisco.com/t5/network-security/ftp-coonection-reset-issue/m-p/1036950#M894606 kerek 2008-10-27T14:25:10Z