09-08-2019 02:02 AM - edited 09-08-2019 05:20 AM
Hi All,
We have build tunnel to HQ and branch, only some segment on HQ is unable to access application at branch office, but ping is able to ping.
ASA model & version : 5516-X & 9.12(2)
When HQ access to branch our asa get below message.
the asa discarded a tcp packet that has no associated connection in the asa connection table.
Deny TCP (no connection) from 10.251.72.224/53212 to 10.97.108.21/1521 flags RST-ACK on interface outside.
09-08-2019 03:25 AM
09-08-2019 05:22 AM
Hi Sorry,
Just added in attach file , 153.139.225.121 is to HQ VPN which from HQ remote lan only 10.251.72.xx/23 unable to access to our LAN network current ASA config.
Please advise.
09-09-2019 08:29 AM
Hi Dennis,
I add in the config file , please advise
09-10-2019 01:00 AM
Can you run the packet tracer (with Detail key word) command from both end and share the output.
HTH
09-10-2019 01:36 AM
09-10-2019 03:01 AM
The packet tracer from remote site syntax is fine?
input is OUTSIDE
packet-tracer input outside tcp 10.251.72.22 1521
I would say that it should be inside
HTH
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: