11-02-2016 03:38 AM - edited 03-12-2019 01:28 AM
Hello All,
If I am trying to access a server separated by a FW and I'm getting a reset packet on the FW, who generates it?
As in, does the destination server generate the reset packet, or does the FW itself generate it?
11-02-2016 06:18 PM
Either can generate it, it depends on the configuration. You can do a packet capture on either the server or the ASA to determine which device is actually dropping it.
http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/118097-configure-asa-00.html
11-03-2016 03:38 AM
Both are capable of sending reset packets and, depending on circumstances, each can send one.
The best way to find out who is sending the reset is to take a capture on either the destination server NIC through Wireshark, or take a capture on the ingress and egress interfaces of the firewall.
If you take a capture on the firewall and see the reset only on the egress and not on the ingress interface, then we are sure that the firewall generated it. Ideally, if the firewall generates the reset packet, it sends one to both ends.
HTH
AJ
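The two-interface comparison described in the replies above, as an added example that is not part of the original thread: an RST that never appears on the capture facing its claimed source address was generated by the firewall. The `Pkt` record layout, the function name, the addresses and the sample packets are all constructed for illustration, and the logic assumes no NAT between the interfaces and that both captures cover the same time window.

```python
from collections import namedtuple

# One decoded TCP segment from a capture export (field names are this example's own).
Pkt = namedtuple("Pkt", "src sport dst dport flags seq")

def attribute_resets(client_side, server_side, server_ips):
    """Label every RST seen on either firewall interface.

    'endpoint' : the RST was captured on the interface facing its source
                 address, so a host behind that interface sent it.
    'firewall' : the RST exists only on the far interface, so the firewall
                 generated it using the endpoint's address.
    """
    def key(p):
        return (p.src, p.sport, p.dst, p.dport, p.seq)

    seen = {
        "client": {key(p) for p in client_side if "R" in p.flags},
        "server": {key(p) for p in server_side if "R" in p.flags},
    }
    verdicts = {}
    for k in seen["client"] | seen["server"]:
        src_side = "server" if k[0] in server_ips else "client"
        verdicts[k] = "endpoint" if k in seen[src_side] else "firewall"
    return verdicts

# Constructed sample data (documentation address ranges, not real hosts).
CLIENT, SERVER = "198.51.100.5", "192.0.2.10"

CLIENT_SIDE = [  # capture on the interface facing the client
    Pkt(CLIENT, 40001, SERVER, 443, "S", 1000),
    Pkt(SERVER, 443, CLIENT, 40001, "RA", 0),    # forwarded from the server
    Pkt(CLIENT, 40002, SERVER, 8080, "S", 2000),
    Pkt(SERVER, 8080, CLIENT, 40002, "RA", 0),   # never seen on server side
]
SERVER_SIDE = [  # capture on the interface facing the server
    Pkt(CLIENT, 40001, SERVER, 443, "S", 1000),
    Pkt(SERVER, 443, CLIENT, 40001, "RA", 0),    # the server really sent this
    Pkt(CLIENT, 40002, SERVER, 8080, "R", 2001), # never seen on client side
]

if __name__ == "__main__":
    for k, who in sorted(attribute_resets(CLIENT_SIDE, SERVER_SIDE, {SERVER}).items()):
        print(f"{k[0]}:{k[1]} -> {k[2]}:{k[3]} seq={k[4]}  generated by {who}")
```

In the sample, the port 443 flow shows a reset that crossed the firewall from the server, while the port 8080 flow shows the "one to both ends" pattern: each side received a reset that the other side never sent.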