02-28-2012 12:22 AM - edited 03-11-2019 03:35 PM
Dear Member,
I am faceing Teardown problem on cisco asa 5505.
Users are always disconnecting 25-30 min from outside server.
Here is the some log details..
|22:55:32|305012|10.60.2.144|1397|x.x.x.x|49563|Teardown dynamic TCP translation from inside:10.60.2.144/1397 to outside:x.x.x.x/49563 duration 0:00:30 | ||||||||||||||||||
|22:55:31|605005|10.60.3.78|18017|10.60.1.x|https|Login permitted from 10.60.3.78/18017 to inside:10.60.1.x/https for user "cisco" | ||||||||||||||||||
|22:55:31|725002|10.60.3.78|18017|||Device completed SSL handshake with client inside:10.60.3.78/18017 | ||||||||||||||||||
|22:55:31|725003|10.60.3.78|18017|||SSL client inside:10.60.3.78/18017 request to resume previous session. | ||||||||||||||||||
|22:55:31|725001|10.60.3.78|18017|||Starting SSL handshake with client inside:10.60.3.78/18017 for TLSv1 session. | ||||||||||||||||||
|22:55:31|302013|10.60.3.78|18017|10.60.1.x|443|Built inbound TCP connection 507323 for inside:10.60.3.78/18017 (10.60.3.78/18017) to identity:10.60.1.x/443 (10.60.1.x/443) | ||||||||||||||||||
|22:55:31|605005|10.60.3.78|18016|10.60.1.x|https|Login permitted from 10.60.3.78/18016 to inside:10.60.1.x/https for user "cisco" | ||||||||||||||||||
|22:55:31|725002|10.60.3.78|18016|||Device completed SSL handshake with client inside:10.60.3.78/18016 | ||||||||||||||||||
How to solved this issue.please guide me. I am waiting for your best response.Your solution is valuable for me and my team also. Best Regards, CK | ||||||||||||||||||
03-05-2012 07:23 AM
CK,
Check the logs for a %ASA-6-302014 message at the time of the teardown. This will provide you with the reason that the connection closed. See the following link for a list of teardown reasons with their explanations:
http://www.cisco.com/en/US/docs/security/asa/asa84/system/message/logmsgs.html#wp6941209
-Mike
03-15-2012 02:29 AM
Hi Mirober,
Thanks for the reply. I cheked the sys log message but problem is still running.
I have two ASA 5505,and one fortigate firewall. i am using two lan ip add 1 asa for 10.x.x.200 and 2nd asa for 10.x.x.250.
and my fortigate woking as a trasparent firewall. when users access through .250 gateway no any problem is occure if any user access through .200 gateway problem is occuring every 25,30,50 min
I am attaching a file for your Reference.
When the users access CITRIX server (Outside server) from inside to outside and show the message on destop when connection closed.
Regards,
CK
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide