08-20-2013 08:40 PM - edited 03-11-2019 07:28 PM
I am receiving below message on the Internet Firewall and losing connection, mostly upload side like Outlook, Facebook, Youtube ...
6 9:38:45 106015 53142 173.252.112.23 443 Deny TCP (no connection) from 10.*.*.*/53142 to 173.252.112.23/443 flags RST on interface inside
i've tried "sysopt connection timewait" command and still no success, any idea?
08-20-2013 11:25 PM
hey
please paste your running configuration
Thanks
Vishaw
08-21-2013 08:17 PM
Actually there is not much configs on it
08-21-2013 08:50 PM
Hello Tulgabat,
As you can see the ASA is receiving a RESET packet from the Inside client after the connection has been torndown.
My recommendations: Do captures on both interfaces of the ASA:
cap capin interface inside match tcp host inside_host_ip_address host outside_host_ip_address
cap capout interface outside match tcp host outside_nat_ip_address host outside_host_ip_address
Then attempt to connect and finally provide the following to us
show cap capin
show cap capout
show logging | include x.x.x.x (Inside_host_IP address) Hopefully you have loggin enabled
Check my blog at http:laguiadelnetworking.com for further information.
Cheers,
Julio Carvajal Segura
08-21-2013 11:01 PM
# sh cap capout
: 14:02:44.673091 202.131.225.97.6153 > 74.117.178.90.80: P 2135110166:2135 111132(966) ack 650230300 win 16436
: 14:02:44.870438 74.117.178.90.80 > 202.131.225.97.6153: . ack 2135111132 win 13
: 14:02:44.874466 74.117.178.90.80 > 202.131.225.97.6153: P 650230300:65023 0647(347) ack 2135111132 win 13
: 14:48:39.055279 202.131.225.97.47817 > 74.117.178.90.80: F 2964315953:296 4315953(0) ack 3956491086 win 16560
: 14:48:39.253648 74.117.178.90.80 > 202.131.225.97.47817: F 3956491086:395 6491273(187) ack 2964315954 win 6
: 14:48:39.254747 202.131.225.97.47817 > 74.117.178.90.80: R 2964315954:296 4315954(0) ack 3956491273 win 0
08-21-2013 11:22 PM
Hello,
Based on this it seems the Internal host is closing the connection:
28: 14:48:39.055279 202.131.225.197.47817 > 74.117.178.90.80: F 2964315953:296 4315953(0) ack 3956491086 win 16560
29: 14:48:39.253648 74.117.178.90.80 > 202.131.225.197.47817: F 3956491086:395 6491273(187) ack 2964315954 win 6
30: 14:48:39.254747 202.131.225.197.47817 > 74.117.178.90.80: R 2964315954:296 4315954(0) ack 3956491273 win 0
TCP FIN packets being negotiated to close the session and afterwards the computer sending a reset
Check my blog at http:laguiadelnetworking.com and subscribe so you can get daily information about networking.
Cheers,
Julio Carvajal Segura
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: