
access list rule not working

Dragomir
Level 1

I have an extended access-list rule that is #1 in position on the external access list:

access-list acl-outside line 1 extended permit tcp host x.x.x.x host a.b.c.d eq 5723

access-list acl-outside line 2 extended permit tcp host x.x.x.y host a.b.c.e eq 5723

But when I telnet from x.x.x.x to a.b.c.d to 5723, it does not listen or respond.

Internally I verified that the port is listening on the host.

The IP of the internal IP is NATed to the external IP a.b.c.d.

Any idea?

17 Replies

Yes, I am logged into the ASDM. All ICMP traffic I can see being logged, but telnetting to port 5723 is not. I actually already see an access list rule allowing all traffic from the source IP subnet to this IP.

I was able to telnet to port 80 and it worked, but not 5723. Any ideas?

But even telnetting to port 80 shows no logging traffic.

When I telnet to port 443 of the public IP, I get something like:

Teardown TCP connection 319711461 for outside: 1.1.1.1/49632 to inside 2.2.2.2/443 duration 0:00:00 bytes 0 TCP Reset-I

But when I telnet to port 80 or 5723, nothing happens and no logging occurs.

Hi,

Well, without seeing any actual configurations, it would seem that your connections simply aren't reaching the ASA if it's not logging anything.

The above log message indicates that the connection was immediately reset by the internal host/server. So it refused the connection by sending TCP Reset.

- Jouni
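
The triage reasoning in the reply above (nothing logged suggests the connection never reached the ASA; a `TCP Reset-I` teardown means the inside host reset it), as an added Python example that is not part of the thread. The function names, the second log line and the `SYN Timeout` / `TCP Reset-O` entries are assumptions for illustration; attempts are matched on source IP and destination port only, because the thread says the destination address is NATed.

```python
import re

# ASA "Teardown TCP connection" line. Whitespace after the interface name is
# tolerated because the line quoted in the thread was typed with spaces.
TEARDOWN = re.compile(
    r"Teardown TCP connection (?P<conn_id>\d+) for "
    r"(?P<src_if>[\w-]+):?\s*(?P<src_ip>[\d.]+)/(?P<src_port>\d+) to "
    r"(?P<dst_if>[\w-]+):?\s*(?P<dst_ip>[\d.]+)/(?P<dst_port>\d+) "
    r"duration (?P<duration>[\d:]+) bytes (?P<bytes>\d+)\s*(?P<reason>.*)$"
)

# Reset-I is the reason shown in the thread; the other two are assumed here.
REASONS = {
    "TCP Reset-I": "reached the ASA; reset sent from the inside host",
    "TCP Reset-O": "reached the ASA; reset sent from the outside host",
    "SYN Timeout": "reached the ASA; handshake never completed",
}
NOT_SEEN = "no teardown logged; connection likely never reached the ASA"

def parse_teardown(line):
    m = TEARDOWN.search(line)
    if m is None:
        return None  # not a TCP teardown message
    rec = m.groupdict()
    rec["dst_port"] = int(rec["dst_port"])
    rec["reason"] = rec["reason"].strip()
    return rec

def triage(log_lines, attempts):
    # Map each (source IP, destination port) attempt to a verdict.
    parsed = filter(None, map(parse_teardown, log_lines))
    seen = {(r["src_ip"], r["dst_port"]): r["reason"] for r in parsed}
    verdicts = {}
    for attempt in attempts:
        reason = seen.get(attempt)
        verdicts[attempt] = NOT_SEEN if reason is None else REASONS.get(
            reason, "reached the ASA; teardown reason: " + reason)
    return verdicts

SAMPLE_LOG = [
    # Line as quoted in the thread.
    "Teardown TCP connection 319711461 for outside: 1.1.1.1/49632 to inside 2.2.2.2/443 duration 0:00:00 bytes 0 TCP Reset-I",
    # Constructed line in the usual syslog layout.
    "%ASA-6-302014: Teardown TCP connection 100 for outside:192.0.2.10/50000 to inside:198.51.100.5/25 duration 0:00:30 bytes 0 SYN Timeout",
]
ATTEMPTS = [("1.1.1.1", 443), ("1.1.1.1", 80), ("1.1.1.1", 5723)]

if __name__ == "__main__":
    for attempt, verdict in triage(SAMPLE_LOG, ATTEMPTS).items():
        print(attempt, "->", verdict)
```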
