Not able to see connections For 3389

suryakant.chavan · ‎06-04-2012

Hi Experts
user 192.168.1.10 --> ASA 1-----> ASA 2-------> ASA 3----> server (172.21.16.15)

We have opened 3389 , 80 & 445 ports on all firewalls ( ASA 1, ASA 2, ASA ) for server (172.21.16.15) from (192.168.1.10).
We are able to see connection in ASA 1 under show connection for 3389, 445 ,80.

we are not able to see connections in ASA 2 & ASA 3 under show connection for 3389. But we are able to see hits in ACl.

Can u Pl's help me to identify the issue

Thanks & Regards,

Surya.

Jennifer Halim · ‎06-04-2012

Do you have any NAT configured on ASA 1, ASA 2 and ASA 3? what is the security level on ASA 1, ASA 2 and ASA 3 for the traffic path?

suryakant.chavan · ‎06-04-2012

Hi Jennifer,

NAT not configured on ASA 1 , ASA 2 & ASA3 firewalls.

Security level on All Firewalls

inside :- user 192.168.1.10 traffic enter : 100

Outside :- 0

As per my knowledge as we have allwded traffic through ACL , security level is not comes in picture.

Regard's

Surya.

Jennifer Halim · ‎06-04-2012

Are traffic going through all 3 ASA from high to low security level?

Is this as follows:

user 192.168.1.10 --> (inside) ASA 1-(outside) ----> (inside) ASA 2 (outside) -------> (inside) ASA 3 (outside) ----> server (172.21.16.15)

Is all routing correctly configured? each ASA know how to route to 192.168.1.0 and 172.21.16.0 network?

Can you share the config of the ASAs?