Problems between Cisco Firewall or NAT and Windows 2003 server

hectorbianchi
Level 1

I have a Cisco 2821 device working as a firewall to drive in and out internet traffic, and a Windows 2003 server working as DNS and FTP to be reached from outside. Users can reach the server for a while (sometimes some hours) after the Cisco 2821 is reloaded but, without any known reason, access becomes blocked (in fact not responding). Over this Cisco device, configured as Zone Based Firewall, we have some other servers, serving http, smtp, ftp, dns and several services to outside users, that continue to work fine. Even the Windows 2008 servers we have supporting FTP and DNS do not suffer the problem. We have in fact two internet links from different companies, each of them with a Cisco 2821 with similar configurations, and on both links the same thing happens. Perhaps this is not a firewall problem but a NAT one, we don't know, but when we want the server to be seen again from outside, we must reload the Cisco?

2 Replies

johnd2310
Level 8

Hi,

When the event occurs, can you mirror the port connected to the server and capture some traffic to see if there is any traffic hitting the server or leaving the server? This will help determine if the traffic is being dropped by the router/firewall or by the server.


Thanks

John

**Please rate posts you find helpful**

hectorbianchi
Level 1

Problem was solved by myself. I observed that the outside address of the static NAT of the two Windows 2003 servers that were having the problem was not reflected in the ARP table. That NAT statement was (e.g.):

ip nat inside source static 192.168.199.16 10.10.10.6

and we had an ARP entry for the inside address 192.168.199.16, but not for the outside address. In all other cases, from linux and also Windows 2008 servers, both sides of the NAT were in the ARP table.

So, we forced the outside address to be in the ARP table by defining that ip address as secondary address on the outside interface. Problem solved.

But we still don't know why this affected only Windows 2003 server.
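The check described in this reply (every static NAT outside address should have an ARP entry) can be run against saved CLI output. The following is an added example, not code from the thread: the `show running-config` and `show ip arp` samples are constructed to reproduce the symptom, and the interface name and mask passed to `secondary_address_lines` are assumptions for the workaround the poster used.

```python
import re

IP = r"(\d{1,3}(?:\.\d{1,3}){3})"
# "ip nat inside source static [tcp|udp] <inside-local> [port] <inside-global> [port] ..."
NAT_RE = re.compile(rf"^ip nat inside source static(?: (?:tcp|udp))? {IP}(?: \d+)? {IP}", re.M)
# Data rows of "show ip arp": Protocol, Address, Age, Hardware Addr, Type, Interface
ARP_RE = re.compile(rf"^Internet\s+{IP}\s", re.M)

# Constructed sample config lines, modelled on the statement quoted in the thread.
NAT_CONFIG = """\
ip nat inside source static 192.168.199.16 10.10.10.6
ip nat inside source static 192.168.199.17 10.10.10.7
ip nat inside source static tcp 192.168.199.20 25 10.10.10.8 25 extendable
"""

# Constructed "show ip arp" sample: the alias entry for 10.10.10.6 is deliberately
# absent, reproducing the symptom the poster found.
ARP_TABLE = """\
Protocol  Address          Age (min)  Hardware Addr   Type   Interface
Internet  10.10.10.1              -   0011.2233.4455  ARPA   GigabitEthernet0/0
Internet  10.10.10.7              -   0011.2233.4455  ARPA   GigabitEthernet0/0
Internet  10.10.10.8              -   0011.2233.4455  ARPA   GigabitEthernet0/0
Internet  192.168.199.16          5   00aa.bbcc.dd16  ARPA   GigabitEthernet0/1
Internet  192.168.199.17          3   00aa.bbcc.dd17  ARPA   GigabitEthernet0/1
"""

def parse_static_nat(config: str) -> dict[str, str]:
    """Map inside-local -> inside-global (outside) address for each static NAT line."""
    return {m.group(1): m.group(2) for m in NAT_RE.finditer(config)}

def parse_arp(arp_output: str) -> set[str]:
    """Collect every IPv4 address that currently has an ARP entry."""
    return {m.group(1) for m in ARP_RE.finditer(arp_output)}

def missing_outside_arp(config: str, arp_output: str) -> list[str]:
    """Outside (inside-global) addresses of static NATs with no ARP entry, sorted."""
    present = parse_arp(arp_output)
    return sorted(o for o in parse_static_nat(config).values() if o not in present)

def secondary_address_lines(interface: str, mask: str, addresses: list[str]) -> list[str]:
    """Config lines for the thread's workaround; interface and mask are assumed inputs."""
    return [f"interface {interface}"] + [f" ip address {a} {mask} secondary" for a in addresses]

if __name__ == "__main__":
    gone = missing_outside_arp(NAT_CONFIG, ARP_TABLE)
    print("static NAT outside addresses missing from ARP:", gone)
    print("\n".join(secondary_address_lines("GigabitEthernet0/0", "255.255.255.0", gone)))
```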