03-19-2015 01:53 PM - edited 03-05-2019 01:03 AM
Our users are unable to connect to a specific server on a specific port when connected via VPN. When connected to the LAN, they can connect fine.
I did some packet captures from the ASA and found that there is a connection reset after a number of retransmissions and spurious retransmissions.
Some more detail.
The server 192.168.1.120 port 211
VPN connected 172.16.2.xx
The PCAP file shows the TCP connection from port 58464 - 211
How can I figure out why it's forcing a connection reset?
I have the PCAP files if required.
03-19-2015 02:12 PM
Can you check if who is initiating the TCP reset packet. Is it the server machine or the VPN connected client machine?
Also does the TCP 2-way handshake completes and then reset happens or 3-way handshake itself is not happening?
CF
03-19-2015 02:12 PM
The source is the 172.16.2.xx address.
03-22-2015 01:26 PM
I've done that. Note that everything looks fine with trying to connect to the machine. I get the TCP connection request sent and acknowledged. However, the next line it then shows a suspected retransmission
03-19-2015 05:16 PM
How can I confirm the handshaking?
03-19-2015 10:03 PM
Install wireshark in the client/server and do a packet capture.
CF
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide