11-20-2012 09:10 PM - edited 03-11-2019 05:25 PM
I am trying to set up a hairpinning configuration for a client, wherein they have hardcoded their external IP address in their application for SQL access. From one of their servers the hairpinning works somewhat - a connection is established, but there are FIN ACK timeouts trying to close the connection. From other servers, I'm not even able to get that far - the connection gets a SYN timeout.
My config is attached with the externals redacted. What am I missing?
11-21-2012 09:37 AM
James,
We need more information about the packet flow.
What are the source and destination addresses, is the connection coming from inside and destined to the inside as well?
Regards,
Felipe.
11-21-2012 11:26 AM
James,
Have you created a tcp-state-bypass policy-map which matches your traffic flows? We had a similar issue with load-balanced edge Lync servers and saw similar TCP debug returns. Below is some information you may want to look at.
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/conns_tcpstatebypass.pdf
Thanks,
Nick
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: