10-23-2017 07:10 PM - edited 02-21-2020 06:33 AM
Hello guys,
I have run into a problem, and I have no idea what to check or how to check it.
See my network drawing below: there are two firewalls (ASA5505) between the PRC domain, the DMZ domain and the Business domain. One of my PRC domain servers, RAE (10.41.10.3), is looking for a license server (10.41.3.100) in the business network. It stopped working early this month. I can still ping the license server from DMZ servers, for example DMZAD1, but I cannot ping the license server from any PRC server. Since it worked before, I assume it is a problem on firewall B.
I am totally new to firewall configuration, so although I can log in to the firewall, I don't know what to check or how. Can someone kindly throw me some ideas?
10-23-2017 07:53 PM
Hi @fan.yang
SSH to Firewall B, then run a capture command. Capture is similar to a sniffer or syslog and will allow you to see packets going back and forth.
You just need to know the in/out interfaces, the source and destination IP addresses and the TCP ports.
You can omit some information as well.
If you don't see anything in the capture, maybe the packet is not getting to this firewall.
You can show the packets with "show capture <capture name>".
-If I helped you somehow, please, rate it as useful.-
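A capture session of the kind the reply above describes, as an added example that is not part of the original post. The addresses are the ones from the question; the interface names `prc` and `business` and the capture names are assumptions, so substitute the names that `show nameif` reports on Firewall B.

```cisco
! List the configured interface names (nameif) to pick the in/out interfaces
show nameif
! Capture ICMP between RAE and the license server on the ingress side
! (interface name "prc" is an assumption)
capture cap_prc interface prc match icmp host 10.41.10.3 host 10.41.3.100
! Capture the same traffic on the egress side
! (interface name "business" is an assumption)
capture cap_bus interface business match icmp host 10.41.10.3 host 10.41.3.100
! Ping 10.41.3.100 from RAE, then read both captures
show capture cap_prc
show capture cap_bus
! Remove the captures when finished
no capture cap_prc
no capture cap_bus
```

Echo requests in `cap_prc` but not in `cap_bus` point at the firewall itself, while requests in both with no replies point at something beyond it. An empty `cap_prc` means the packets never reach this firewall.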
11-01-2017 08:15 PM
Thank you for your advice.
We finally found out it is not a firewall issue. Someone changed the setting at the other end :(