difference ASA 8.0.2 and 8.0.4

lukasdrbo · ‎10-31-2008

Hi,

i have strange problem with access by ipsec client: with ASA 8.0.2 all is ok but with ASA 8.0.4 some TCP connection through ipsec client arent association (rdp, sql, etc..). With SSL client on ASA 8.0.4 all traffic is ok too.

Sometimes i logging deny tcp (no connection).

Do you have any idea where is problem please ?

lukas

purohit_810 · ‎11-02-2008

Hi,

Can you see in Caveats? is there any Caveats open?

I haven't perfect error from you so i can't say.

Thanks,

Dharmesh Purohit

lukasdrbo · ‎11-04-2008

Hi,

maybe this:

Deny TCP (no connection) from vpn_range to lan_srv/3389 flags ACK on interface ext

Deny TCP (no connection) from vpn_range to lan_srv/3389 flags FIN PSH ACK on interface ext

but i havent idea. its rdp to one server, rdp to others servers are ok. if i reboot ios to 8.0.2, this connection to lan_srv is ok. i dont understand to it :-(. (without changing cfg of course)

thx,

Lukas

lukasdrbo · ‎11-05-2008

its same problem as here http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Virtual%20Private%20Networks&topic=Security&topicID=.ee6b2b8&fromOutline=&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.2cc1f2d4

lukasdrbo · ‎11-10-2008

solution is disable IP Compression in the ipsec group-policy

lukas