cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

1723
Views
0
Helpful
2
Replies
Highlighted
Beginner

ASA 5505 TCP Reset-0

Hey folks,

having a bit of issue, i am troubleshooting a problem.

I have 2 interfaces on the ASA.

  1. Inside (192.168.190.0/24)
  2. Guest (10.10.10.0/24)

I can ping the server on the Inside interface (192.168.190.27) from the Guest interface.. but when i try to access the server with http/https no access there.

The server is a Windows server 2008, i tried turning of the firewall but that didn't help

I did a netstat  on the server and for some reason the handshake is stuck in syn-recieved state

I have been monitoring the log on the asdm see pic.. RST.png

Its a bunch of RST packets with TCP reset-0.. What can be the cause of this?

Good to know information

Asa Version: 8.0(4)

Model: 5505

Inside Interface:

Secuirty level 100

Vlan1

Guest Interface:

Security Level 40

vlan23

I did a packet trace and the packet should be allowed..

So any tips and tricks

Thanks

Shane

2 REPLIES 2
Highlighted
Mentor

Hi,

To my understanding the TCP Reset-O refers to a situation where the host behind the interface with the lower "security-level" Reset the TCP connection.

In this case it would mean that the host connecting to the server does the TCP Reset. I am not quite sure why it would do this. More typical to see the server do the TCP Reset.

Have you tested the connection from any other host or behind any other interface?

- Jouni

Highlighted
Beginner

Cisco definition for tis messages:

The security appliance discarded a TCP packet that has no associated connection in the security appliance connection table. The security appliance looks for a SYN flag in the packet, which indicates a request to establish a new connection. If the SYN flag is not set, and there is not an existing connection, the security appliance discards the packet.


Recommended Action None required unless the security appliance receives a large volume of these invalid TCP packets. If this is the case, trace the packets to the source and determine the reason these packets were sent.

I beleive you need to verify the source is snding a valid packets

Thanks, Anas *--* Please rate the useful post,its free ;) *--*
Content for Community-Ad