07-22-2013 02:43 PM - edited 03-11-2019 07:15 PM
I have an extended access-list rule that is #1 in position on the external access list:
access-list acl-outside line 1 extended permit tcp host x.x.x.x host a.b.c.d eq 5723
access-list acl-outside line 2 extended permit tcp host x.x.x.y host a.b.c.e eq 5723
But when I telnet from x.x.x.x to a.b.c.d on port 5723,
it does not listen or respond.
Internally, I verified that the port is listening on the host.
The internal IP is NATted to the external IP a.b.c.d.
Any idea?
07-22-2013 09:08 PM
Yes, I am logged into the ASDM. I can see all ICMP traffic being logged, but telnetting to port 5723 is not. I actually already see an access list rule allowing all traffic from the source IP subnet to this IP.
I was able to telnet to port 80 and it worked, but not 5723. Any ideas?
But even telnetting to port 80 shows no logging traffic.
07-22-2013 09:45 PM
When I telnet to port 443 of the public IP, I get something like:
Teardown TCP connection 319711461 for outside: 1.1.1.1/49632 to inside 2.2.2.2/443 duration 0:00:00 bytes 0 TCP Reset-I
But when I telnet to port 80 or 5723, nothing happens and no logging occurs.
07-23-2013 05:00 AM
Hi,
Well, without seeing any actual configurations it would seem that your connections simply aren't reaching the ASA if it's not logging anything.
The above log message indicates that the connection was immediately reset by the internal host/server. So it refused the connection by sending a TCP Reset.
- Jouni
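The log reading in the reply above, applied per tested port, as an added example (not part of the thread and not Cisco code). The `triage` function, the regex and the result strings are hypothetical; the first sample line is the one pasted in the thread, and the script assumes the ASA's logging level records connection teardown messages.

```python
import re

# ASA "Teardown TCP connection" line. The optional colon/space handling
# tolerates the spacing of the line as it was pasted in the thread.
TEARDOWN = re.compile(
    r"Teardown TCP connection (?P<id>\d+) for (?P<src_if>[\w-]+):\s*"
    r"(?P<src_ip>[\d.]+)/(?P<src_port>\d+) to (?P<dst_if>[\w-]+):?\s*"
    r"(?P<dst_ip>[\d.]+)/(?P<dst_port>\d+) duration (?P<dur>[\d:]+) "
    r"bytes (?P<bytes>\d+)\s*(?P<reason>.*)$"
)

# Teardown reasons relevant to the thread; anything else is reported verbatim.
REASONS = {
    "TCP Reset-I": "reached the ASA; inside host sent a reset (server refused)",
    "TCP Reset-O": "reached the ASA; outside host sent a reset",
}

NOT_SEEN = "no log entry: no evidence the connection reached the ASA"


def triage(log_lines, client_ip, tested_ports):
    """Map each tested destination port to what the teardown logs show."""
    seen = {}
    for line in log_lines:
        m = TEARDOWN.search(line)
        if not m or m["src_ip"] != client_ip:
            continue
        reason = m["reason"].strip()
        seen[int(m["dst_port"])] = REASONS.get(
            reason, f"reached the ASA; torn down: {reason or 'no reason logged'}"
        )
    return {port: seen.get(port, NOT_SEEN) for port in tested_ports}


# Sample input: line 1 is from the thread, line 2 is constructed (other client).
SAMPLE = [
    "Teardown TCP connection 319711461 for outside: 1.1.1.1/49632 to inside "
    "2.2.2.2/443 duration 0:00:00 bytes 0 TCP Reset-I",
    "Teardown TCP connection 319711470 for outside:9.9.9.9/50000 to "
    "inside:2.2.2.2/80 duration 0:00:01 bytes 120 TCP FINs",
]

if __name__ == "__main__":
    for port, verdict in triage(SAMPLE, "1.1.1.1", [443, 80, 5723]).items():
        print(f"{port}: {verdict}")
```
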