
Inbound TCP connection denied from x.x.x.x/443 to r.r.r.r/xxxx flags RST on interface outside

I currently have an ASA 5525 and I want the updates to my servers and services to be carried out, but I get this error: Inbound TCP connection denied from x.x.x.x / 443 to x.x.x.x / xxxx flags RST on interface outside

I tried to create the access list rule for this incoming traffic, but nothing changes.

What suggestions do you have? Normally the traffic is allowed out, but when it comes in, even if the rule is made, it does not work.

 

For example: update.knime.com or update.fortiguard.net

 


Sheraz.Salim
VIP Alumni

Is the NAT rule defined? Is your server on the inside or in the DMZ? As you mentioned, the RST appears when traffic is inbound from the outside interface towards the server, whereas you said the traffic flow from the server to the outside is OK.

 

Show us the NAT rule and the interface configuration of the outside and the server side. Also, you can run the command "show conn address x.x.x.x", where x.x.x.x is your server IP address. Display the output here.

Please do not forget to rate.

Here are the logs

The internal Forti network is NATed by a publication so that updates come out. According to the record, it shows that the source entry that comes from the Forti updates is blocked by the public NAT IP, even with the rule applied.
Outside interface ACL
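An added example, not part of the thread or of any poster's configuration: a small Python triage script for log lines in the format quoted in the thread title. It separates denials that carry only SYN (new connection attempts) from those carrying other flags such as RST (packets for which the firewall holds no connection entry), and lists the destination addresses worth checking with the `show conn address` command suggested in the reply. All addresses and sample lines are constructed.

```python
import re
from collections import Counter

# Message layout taken from the thread title; any syslog prefix is ignored.
DENY_RE = re.compile(
    r"Inbound TCP connection denied from "
    r"(?P<src>[\d.]+)/(?P<sport>\d+) to (?P<dst>[\d.]+)/(?P<dport>\d+) "
    r"flags (?P<flags>[A-Z ]+?) on interface (?P<ifc>\S+)"
)

# Constructed sample lines (documentation address ranges), not real logs.
SAMPLE = [
    "Inbound TCP connection denied from 198.51.100.10/443 to 192.0.2.20/51544 flags RST on interface outside",
    "Inbound TCP connection denied from 198.51.100.10/443 to 192.0.2.20/51544 flags FIN ACK on interface outside",
    "Inbound TCP connection denied from 203.0.113.7/40112 to 192.0.2.20/8443 flags SYN on interface outside",
    "some unrelated log line",
]

def parse_deny(line):
    """Return the fields of one denial message, or None if the line differs."""
    m = DENY_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["sport"], rec["dport"] = int(rec["sport"]), int(rec["dport"])
    rec["flags"] = set(rec["flags"].split())
    return rec

def classify(rec):
    """A lone SYN is a new connection attempt; anything else arrived
    without a connection entry to match it against."""
    return "new-connection" if rec["flags"] == {"SYN"} else "no-matching-connection"

def triage(lines):
    """Count denials per class and collect hosts to check with show conn."""
    counts, hosts = Counter(), set()
    for line in lines:
        rec = parse_deny(line)
        if rec is None:
            continue
        kind = classify(rec)
        counts[kind] += 1
        if kind == "no-matching-connection":
            hosts.add(rec["dst"])
    return counts, sorted(hosts)

if __name__ == "__main__":
    counts, hosts = triage(SAMPLE)
    print(dict(counts))
    print("check with show conn address:", hosts)
```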