Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
770
Views
0
Helpful
5
Replies

Periodic connection issues over site VPN

Rex Biesty
Level 1
Level 1

‎10-26-2010 06:32 AM - edited ‎03-11-2019 12:00 PM

Hi

We're getting an issue where a third party  company who access an iSeries server on our internal network is  periodically losing their connection to this server (they access via  client software on port 23). They're coming thru a l2l VPN tunnel with  no restrictions. I've checked the log files and found this for one of  the client IP addresses

Deny TCP (no connection) from TALENT_SERVER/1025 to 172.17.10.129/2209 flags ACK  on interface inside

where  TALENT_SERVER is the server they're connecting to and 172.17.10.129 is  the client address. The client usually re-connects straight away and  completes the transaction without issue. Interestingly, the previous  company who provided this service connected to us via a spare interface  on the firewall (they were based in the next building) and had the same  issue. We also have many clients on the internal network who connect  without any issues which makes me think something on the firewall is  causing this. Anyone got any ideas or pointers cos I'm a bit stumped?

Thanks

Labels:
0 Helpful
5 Replies 5

golly_wog
Level 1
Level 1

‎10-26-2010 06:39 AM

Asymetriuc routing is going on.


It's getting the ACK, but where's the SYN-ACK??

You need to check your routing - somewhere the SYN-ACK is being lost..

Assuming that this isn't a bug...

0 Helpful

Rex Biesty
Level 1
Level 1
In response to golly_wog

‎10-26-2010 07:14 AM

Hi Golly, thanks for the reply. Are you talking about the routing on the firewall, our internal routing or the routing on the 3rd party's network. Sorry if this is a dumb question, firewall admin is only part of my job so I'm no expert.

0 Helpful

golly_wog
Level 1
Level 1
In response to Rex Biesty

‎10-26-2010 07:33 AM

Rex

It could be anywhere mate - if you up a diagram that would help.

Sanitize it before you do ;-)

0 Helpful

Rex Biesty
Level 1
Level 1
In response to golly_wog

‎10-26-2010 07:49 AM

Can provide a network diagram for here but not the 3rd party's network. I've asked them for it and I'll put the inside interface of the firewall and our iSeries on the same switch in case thats causing any bother. Is there anything I can look at on the firewall which might be causing the issue?

0 Helpful

Rex Biesty
Level 1
Level 1
In response to golly_wog

‎10-27-2010 02:38 AM

Not sure if this helps but we also have a Cisco IDS system installed. No-one knows anything about it here so can't comment on it's config but is it possible that that might be causing the issues?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card