04-18-2011 01:05 AM - edited 03-11-2019 01:22 PM
Dear all,
I have a problem with an ASA.
This is my topology:
host A <--> ASA <--> host B; host B runs an application on TCP port 7700.
I have completed my configuration for NAT and ACL so host A can pass through to host B. Host A can ping host B and host A can telnet to host B port 7700, but when host A starts the application it can't work. The application on host A can connect to host B, but it can't pass data in the application.
Does anyone have a clue for this problem?
Thank you
Best Regards,
04-18-2011 01:21 AM
Please check with the application vendor if it requires any other ports except port 7700 to be opened. If you can telnet on port 7700, that means the connectivity is established between the 2 hosts. You would need to clarify if there are any other ports required for the data.
04-18-2011 02:03 AM
Yup; good advice.
I would change your rule so that all IP traffic was allowed between the hosts and test again. If the application then works you know that the rule base is the issue and it must be using some port other than TCP 7700. Log your rule through ASDM and see what ports are being used.
If it doesn't work, then you have another problem which is not rule base related. At that point, you may need a sniffer on one or both of the hosts to see what is happening.
Barry
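Added example, not part of the thread: one way to act on the "log your rule and see what ports are being used" advice is to tally the ASA syslog lines for the two hosts, counting ACL denies (message 106023) per destination port and listing TCP teardowns (message 302014) with their byte counts and reasons. The addresses, interface names, ACL name and log lines are constructed for illustration, and `summarize` is a hypothetical helper.

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines shaped like ASA syslog 106023 (ACL deny) and 302014
# (TCP teardown). Addresses, interface names and the ACL name are made up.
SAMPLE_LOG = """\
%ASA-6-302014: Teardown TCP connection 8812 for dmz:10.2.2.20/7700 to inside:10.1.1.10/49521 duration 0:00:12 bytes 74 TCP FINs
%ASA-4-106023: Deny tcp src inside:10.1.1.10/49522 dst dmz:10.2.2.20/7701 by access-group "inside_access_in" [0x0, 0x0]
%ASA-4-106023: Deny tcp src inside:10.1.1.10/49523 dst dmz:10.2.2.20/7701 by access-group "inside_access_in" [0x0, 0x0]
%ASA-4-106023: Deny udp src inside:10.1.1.10/50000 dst dmz:10.2.2.20/7702 by access-group "inside_access_in" [0x0, 0x0]
%ASA-6-302014: Teardown TCP connection 8815 for dmz:10.2.2.20/7700 to inside:10.1.1.10/49530 duration 0:00:30 bytes 0 TCP Reset-O
%ASA-4-106023: Deny tcp src inside:10.1.1.99/40000 dst dmz:10.2.2.20/445 by access-group "inside_access_in" [0x0, 0x0]
"""

EP = r"[^:\s]+:([\d.]+)/(\d+)"  # interface:address/port
DENY = re.compile(rf"-106023: Deny (\w+) src {EP} dst {EP}")
TEARDOWN = re.compile(
    rf"-302014: Teardown TCP connection \d+ for {EP} to {EP} duration \S+ bytes (\d+)\s*(.*)")

def summarize(log, host_a, host_b):
    """Return (denied, teardowns) for traffic from host_a to host_b.

    denied:    Counter keyed by (protocol, destination port on host_b)
    teardowns: {port on host_b: [(bytes transferred, teardown reason), ...]}
    """
    denied, teardowns = Counter(), defaultdict(list)
    for line in log.splitlines():
        m = DENY.search(line)
        if m:
            proto, src, _sport, dst, dport = m.groups()
            if (src, dst) == (host_a, host_b):
                denied[(proto, int(dport))] += 1
            continue
        m = TEARDOWN.search(line)
        if m:
            ip1, p1, ip2, p2, nbytes, reason = m.groups()
            # Match the host pair in either order rather than assuming
            # which endpoint the teardown line lists first.
            ends = {ip1: int(p1), ip2: int(p2)}
            if set(ends) == {host_a, host_b}:
                teardowns[ends[host_b]].append((int(nbytes), reason.strip()))
    return denied, dict(teardowns)

if __name__ == "__main__":
    denied, teardowns = summarize(SAMPLE_LOG, "10.1.1.10", "10.2.2.20")
    for (proto, port), n in denied.most_common():
        print(f"denied {proto}/{port}: {n} time(s)")
    for port, items in teardowns.items():
        print(f"tcp/{port} teardowns (bytes, reason): {items}")
```

Denied ports other than 7700 point at the rule base; a permitted connection that tears down with few or zero bytes points elsewhere, which is where a packet capture on the hosts becomes the next step.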
04-18-2011 07:45 PM
Thank you guys for your reply.
I have opened my rule to bypass IP (permit ip host A to host B). Today I met the same problem: I opened an rdesktop server on host B; from host A I can telnet to host B port 3389 (rdesktop port), but when I start an rdesktop connection from host A to host B, it can't start.
Is it possible that the ASA or the IOS is corrupt?
Best Regards