09-08-2019 02:02 AM - edited 09-08-2019 05:20 AM
Hi All,
We have build tunnel to HQ and branch, only some segment on HQ is unable to access application at branch office, but ping is able to ping.
ASA model & version : 5516-X & 9.12(2)
When HQ access to branch our asa get below message.
the asa discarded a tcp packet that has no associated connection in the asa connection table.
Deny TCP (no connection) from 10.251.72.224/53212 to 10.97.108.21/1521 flags RST-ACK on interface outside.
09-08-2019 03:25 AM
09-08-2019 05:22 AM
Hi Sorry,
Just added in attach file , 153.139.225.121 is to HQ VPN which from HQ remote lan only 10.251.72.xx/23 unable to access to our LAN network current ASA config.
Please advise.
09-09-2019 08:29 AM
Hi Dennis,
I add in the config file , please advise
09-10-2019 01:00 AM
Can you run the packet tracer (with Detail key word) command from both end and share the output.
HTH
09-10-2019 01:36 AM
09-10-2019 03:01 AM
The packet tracer from remote site syntax is fine?
input is OUTSIDE
packet-tracer input outside tcp 10.251.72.22 1521
I would say that it should be inside
HTH
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide