08-20-2013 08:40 PM - edited 03-11-2019 07:28 PM
I am receiving below message on the Internet Firewall and losing connection, mostly upload side like Outlook, Facebook, Youtube ...
6 9:38:45 106015 53142 173.252.112.23 443 Deny TCP (no connection) from 10.*.*.*/53142 to 173.252.112.23/443 flags RST on interface inside
i've tried "sysopt connection timewait" command and still no success, any idea?
08-20-2013 11:25 PM
hey
please paste your running configuration
Thanks
Vishaw
08-21-2013 08:17 PM
Actually there is not much configs on it
08-21-2013 08:50 PM
Hello Tulgabat,
As you can see the ASA is receiving a RESET packet from the Inside client after the connection has been torndown.
My recommendations: Do captures on both interfaces of the ASA:
cap capin interface inside match tcp host inside_host_ip_address host outside_host_ip_address
cap capout interface outside match tcp host outside_nat_ip_address host outside_host_ip_address
Then attempt to connect and finally provide the following to us
show cap capin
show cap capout
show logging | include x.x.x.x (Inside_host_IP address) Hopefully you have loggin enabled
Check my blog at http:laguiadelnetworking.com for further information.
Cheers,
Julio Carvajal Segura
08-21-2013 11:01 PM
# sh cap capout
: 14:02:44.673091 202.131.225.97.6153 > 74.117.178.90.80: P 2135110166:2135 111132(966) ack 650230300 win 16436
: 14:02:44.870438 74.117.178.90.80 > 202.131.225.97.6153: . ack 2135111132 win 13
: 14:02:44.874466 74.117.178.90.80 > 202.131.225.97.6153: P 650230300:65023 0647(347) ack 2135111132 win 13
: 14:48:39.055279 202.131.225.97.47817 > 74.117.178.90.80: F 2964315953:296 4315953(0) ack 3956491086 win 16560
: 14:48:39.253648 74.117.178.90.80 > 202.131.225.97.47817: F 3956491086:395 6491273(187) ack 2964315954 win 6
: 14:48:39.254747 202.131.225.97.47817 > 74.117.178.90.80: R 2964315954:296 4315954(0) ack 3956491273 win 0
08-21-2013 11:22 PM
Hello,
Based on this it seems the Internal host is closing the connection:
28: 14:48:39.055279 202.131.225.197.47817 > 74.117.178.90.80: F 2964315953:296 4315953(0) ack 3956491086 win 16560
29: 14:48:39.253648 74.117.178.90.80 > 202.131.225.197.47817: F 3956491086:395 6491273(187) ack 2964315954 win 6
30: 14:48:39.254747 202.131.225.197.47817 > 74.117.178.90.80: R 2964315954:296 4315954(0) ack 3956491273 win 0
TCP FIN packets being negotiated to close the session and afterwards the computer sending a reset
Check my blog at http:laguiadelnetworking.com and subscribe so you can get daily information about networking.
Cheers,
Julio Carvajal Segura
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide