Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4817
Views
0
Helpful
2
Replies

ASA 5505 Teardown problem..

kumar.networld
Level 1
Level 1

‎02-28-2012 12:22 AM - edited ‎03-11-2019 03:35 PM

Dear Member,

I am faceing Teardown problem on cisco asa 5505.

Users are always disconnecting 25-30 min from outside server.

Here is the some log details..

|22:55:32|305012|10.60.2.144|1397|x.x.x.x|49563|Teardown  dynamic   TCP translation from inside:10.60.2.144/1397 to  outside:x.x.x.x/49563   duration 0:00:30
|22:55:31|605005|10.60.3.78|18017|10.60.1.x|https|Login  permitted from   10.60.3.78/18017 to inside:10.60.1.x/https for user  "cisco"



|22:55:31|725002|10.60.3.78|18017|||Device completed SSL handshake with   client inside:10.60.3.78/18017






|22:55:31|725003|10.60.3.78|18017|||SSL client inside:10.60.3.78/18017   request to resume previous session.






|22:55:31|725001|10.60.3.78|18017|||Starting SSL handshake with client   inside:10.60.3.78/18017 for TLSv1 session.





|22:55:31|302013|10.60.3.78|18017|10.60.1.x|443|Built  inbound TCP   connection 507323 for inside:10.60.3.78/18017  (10.60.3.78/18017) to   identity:10.60.1.x/443 (10.60.1.x/443)
|22:55:31|605005|10.60.3.78|18016|10.60.1.x|https|Login  permitted from   10.60.3.78/18016 to inside:10.60.1.x/https for user  "cisco"



|22:55:31|725002|10.60.3.78|18016|||Device completed SSL handshake with   client inside:10.60.3.78/18016
















How to solved this issue.please guide me.

I am waiting for your best response.Your solution is valuable for me and my team also.

Best Regards,

CK








Labels:
0 Helpful
2 Replies 2

mirober2
Cisco Employee
Cisco Employee

‎03-05-2012 07:23 AM

CK,

Check the logs for a %ASA-6-302014 message at the time of the teardown. This will provide you with the reason that the connection closed. See the following link for a list of teardown reasons with their explanations:

http://www.cisco.com/en/US/docs/security/asa/asa84/system/message/logmsgs.html#wp6941209

-Mike

0 Helpful

kumar.networld
Level 1
Level 1
In response to mirober2

‎03-15-2012 02:29 AM

Hi Mirober,

Thanks for the reply. I cheked the sys log message but problem is still running.

I have two ASA 5505,and one fortigate firewall. i am using two lan ip add 1 asa for 10.x.x.200 and 2nd asa for 10.x.x.250.

and my fortigate woking as a trasparent firewall. when users access through .250 gateway no any problem is occure if any user access through .200 gateway problem is occuring every 25,30,50 min

I am attaching a file for your Reference.

When the users access CITRIX server (Outside server) from inside to outside and show the message on destop when connection closed.

Regards,

CK

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card