06-15-2017 12:57 AM - edited 03-12-2019 02:35 AM
Hi All,
While testing an application, we found that the session between our virtual IP and the backend server is established over the firewall and disconnected immediately. So the connection log shows "duration 0:00:00 bytes 0 TCP FINs" (attached).
This basically tells us that NO data was sent over, or the packet received by the backend server was discarded.
But when I do a telnet to the application server port, the telnet session is established and is successful.
Why so? We were not able to pinpoint it.
Any inputs that could help me here please.
Regards,
06-15-2017 01:21 AM
Hi Tad,
There can be multiple reasons behind this.
May I know what type of application is this?
We need to take the interface and asp drop captures for this.
Also, share a packet tracer output for this traffic.
Regards,
Aditya
Please rate helpful posts and mark correct answers.
06-15-2017 04:18 AM
Hi Tad,
The log is from ASDM I believe.
In order to troubleshoot, the better approach is to apply captures on the ASA for source and destination.
If you want, I can help with the required commands, but you need to be aware of the topology from the ASA's perspective.
Please do run a packet tracer as well.
Now, coming to your question of why it allows a telnet connection: it is fairly simple. On the ASA, Telnet traffic might have been allowed by an access rule, but for the normal traffic of that application there is no rule to allow the traffic, and that's why the traffic is getting dropped. (It might be a reason, not sure.)
It's better we take the capture and packet tracer.
Br
Dubey, Shivam
Ex-TAC (shivdube)
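The interface captures, ASP drop capture and packet tracer that both replies ask for, as an added example that is not part of the original thread. It is ASA CLI in which the interface names (`outside`, `inside`), the addresses (192.0.2.10 for the virtual IP, 198.51.100.20 for the backend server) and the port 8443 are assumed placeholders to be replaced with the real values.

```cisco
! Added example, not from the thread. Assumptions (all placeholders):
!   interface "outside" faces the virtual IP, "inside" faces the backend server
!   192.0.2.10 = virtual IP, 198.51.100.20 = backend server, 8443 = app port
! If NAT applies to this flow, use the addresses as seen on each interface.

! 1. Capture the flow on both sides of the ASA ("match" is bidirectional)
capture CAPOUT interface outside match tcp host 192.0.2.10 host 198.51.100.20 eq 8443
capture CAPIN interface inside match tcp host 192.0.2.10 host 198.51.100.20 eq 8443

! 2. Capture packets dropped by the ASA's accelerated security path
capture ASPDROP type asp-drop all

! 3. Reproduce the application test, then read the captures
show capture CAPOUT
show capture CAPIN
show capture ASPDROP | include 198.51.100.20

! 4. Simulate the same flow through the rule set and NAT
!    (12345 is an arbitrary source port)
packet-tracer input outside tcp 192.0.2.10 12345 198.51.100.20 8443 detailed

! 5. Remove the captures when finished
no capture CAPOUT
no capture CAPIN
no capture ASPDROP
```

If both interface captures show a completed handshake followed by a FIN with no payload, the side that sends the first FIN is the one closing the session. Entries for the flow in the ASP drop capture, or a DROP result in the packet tracer, point at the firewall instead.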