Install wireshark in the

KnightChunkman · ‎03-19-2015

Our users are unable to connect to a specific server on a specific port when connected via VPN. When connected to the LAN, they can connect fine.

I did some packet captures from the ASA and found that there is a connection reset after a number of retransmissions and spurious retransmissions.

Some more detail.

The server 192.168.1.120 port 211

VPN connected 172.16.2.xx

The PCAP file shows the TCP connection from port 58464 - 211

How can I figure out why it's forcing a connection reset?

I have the PCAP files if required.

Cisco Freak · ‎03-19-2015

Can you check if who is initiating the TCP reset packet. Is it the server machine or the VPN connected client machine?

Also does the TCP 2-way handshake completes and then reset happens or 3-way handshake itself is not happening?

CF

KnightChunkman · ‎03-19-2015

The source is the 172.16.2.xx address.

Keith Uhlmann · ‎03-22-2015

I've done that. Note that everything looks fine with trying to connect to the machine. I get the TCP connection request sent and acknowledged. However, the next line it then shows a suspected retransmission

KnightChunkman · ‎03-19-2015

How can I confirm the handshaking?

Cisco Freak · ‎03-19-2015

Install wireshark in the client/server and do a packet capture.

CF

Unable to connect to Port when on VPN