10-08-2013 09:25 AM - edited 03-11-2019 07:48 PM
Hello everyone,
I have recently started learning about ASAs and I had an issue while deploying an ASA. Previously we had a router which was acting as a firewall and I was assigned the task to replace it with an ASA 5512. I have configured the access rules and everything. But when I bring up the ASA we were unable to reach the mail server from outside. When I run Wireshark on the mail server it says:
6 0.250255000 X.X.X.2 Y.Y.Y.15 TCP 74 40092 > http [SYN] Seq=0 Win=14600 Len=0 MSS=1460 SACK_PERM=1 TSval=344785118 TSecr=0 WS=64
7 0.250319000 Y.Y.Y.15 X.X.X.2 TCP 74 http > 40092 [SYN, ACK] Seq=0 Ack=1 Win=8192 [TCP CHECKSUM INCORRECT] Len=0 MSS=1460 WS=256 SACK_PERM=1 TSval=181293696 TSecr=344785118
8 0.252076000 X.X.X.2 Y.Y.Y.15 TCP 60 40092 > http [RST, ACK] Seq=1 Ack=1 Win=524288 Len=0
where X.X.X.2 is the external IP from which I was trying to open the mail server on port 80 and Y.Y.Y.15 is my mail server.
And on the ASA it says:
6|Oct 01 2013|19:08:31|106015|70.197.81.228|1305|Y.Y.Y.85|80|Deny TCP (no connection) from 70.197.81.228/1305 to Y.Y.Y.85/80 flags PSH ACK on interface External_Interface
6|Oct 01 2013|19:08:31|106015|70.197.81.228|1305|Y.Y.Y.85|80|Deny TCP (no connection) from 70.197.81.228/1305 to Y.Y.Y.85/80 flags PSH ACK on interface External_Interface
6|Oct 01 2013|19:08:31|106015|70.197.81.228|1305|Y.Y.Y.85|80|Deny TCP (no connection) from 70.197.81.228/1305 to Y.Y.Y.85/80 flags FIN ACK on interface External_Interface
6|Oct 01 2013|19:08:31|106015|70.197.81.228|1305|Y.Y.Y.85|80|Deny TCP (no connection) from 70.197.81.228/1305 to Y.Y.Y.85/80 flags FIN ACK on interface External_Interface
Here Y.Y.Y.85 is the external IP address for my mail server.
I have tried TCP state bypass but it didn't work. Can anyone please help me with this?
Thanks in advance...
Raj