Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1129
Views
0
Helpful
2
Replies

ASA TCP FINs

jack samuel
Level 1
Level 1

‎03-13-2016 12:11 PM - edited ‎03-12-2019 12:28 AM

Dears,

i have multiple sub interfaces on ASA 5585X  for example interface front-end-sharepoint-servers and Interface back-end-sharepoint-servers & Interface SQL-servers & interface Active-Directory when i execute a access-list  permit ip any any on every interface i don't face any issue when front-end-servers are accessing database servers and Active directory,  but when i restrict with specific ports i get slowness in accessing and search option in the sharepoint servers doesn't work between the server & database.

I don't see any ports are been denied on the ASDM between the server but i see the logs as attached which shows the communication between the application  and active directory on port 88 received TCP FINs packets

Thanks

Labels:
Preview file
85 KB
Preview file
148 KB
0 Helpful
2 Replies 2

Philip D'Ath
VIP Alumni
VIP Alumni

‎03-13-2016 03:49 PM

Are all the traffic flows symmetric forward and backwards?

Any chance it is communicating via IPv6 (have the related servers got IPv6 addresses on them) and you are only looking at IPv4 so that not noticed?

0 Helpful

jack samuel
Level 1
Level 1
In response to Philip D'Ath

‎03-13-2016 09:01 PM

Dear Philip,

Are all the traffic flows symmetric forward and backwards?

yes

Any chance it is communicating via IPv6 (have the related servers got IPv6 addresses on them) and you are only looking at IPv4 so that not noticed?

NO

Any hints how i can troublshoot

thanks

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card