
Deny TCP (no connection)

rmv72
Level 1

I have a remote branch connected to the central branch via IPsec.

10.20.5.9 - mail server in the central branch

10.20.58.15 - user's PC in the remote branch

Users in the remote branch are trying to connect to the MS Exchange server via HTTPS, and sometimes they cannot do it. In the log I can see the following messages:

302014: Teardown TCP connection 11679 for outside:10.20.5.9/443 to inside:10.20.58.15/2173 duration 0:00:21 bytes 10227 TCP Reset-I

302014: Teardown TCP connection 11680 for outside:10.20.5.9/443 to inside:10.20.58.15/2174 duration 0:00:19 bytes 24783 TCP Reset-I

302014: Teardown TCP connection 11683 for outside:10.20.5.9/443 to inside:10.20.58.15/2177 duration 0:00:15 bytes 8841 TCP Reset-I

302014: Teardown TCP connection 11684 for outside:10.20.5.9/443 to inside:10.20.58.15/2178 duration 0:00:15 bytes 16162 TCP Reset-I

106015: Deny TCP (no connection) from 10.20.5.9/443 to 10.20.58.15/2174 flags PSH ACK on interface outside

106015: Deny TCP (no connection) from 10.20.5.9/443 to 10.20.58.15/2174 flags FIN ACK on interface outside

106015: Deny TCP (no connection) from 10.20.5.9/443 to 10.20.58.15/2178 flags PSH ACK on interface outside

106015: Deny TCP (no connection) from 10.20.5.9/443 to 10.20.58.15/2178 flags FIN ACK on interface outside

106015: Deny TCP (no connection) from 10.20.5.9/443 to 10.20.58.15/2178 flags FIN PSH ACK on interface outside

What does it mean and how can I fix it?

2 Replies

b.hsu
Level 5

This Teardown message will occur when a lower security interface attempts to send traffic to a higher security interface.

Try this link:

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_system_message_guide_chapter09186a008051a0cd.html#wp1052198

lganeva
Level 1

Hi,

Here are some questions:

1. Where is the server - on the outside DMZ?

2. What is the timeout for TCP connections in this firewall?

Regards
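
An added example (not part of the original thread): a short Python script that checks whether each 106015 deny in the posted log follows a 302014 teardown for the same pair of endpoints, which is what a late segment for an already-removed connection looks like. The function name `correlate` and the last sample line (port 9999) are constructed for illustration.

```python
import re

# Sample input: lines quoted in the question above, plus one constructed
# line (port 9999) that has no matching teardown.
SAMPLE_LOG = """\
302014: Teardown TCP connection 11680 for outside:10.20.5.9/443 to inside:10.20.58.15/2174 duration 0:00:19 bytes 24783 TCP Reset-I
302014: Teardown TCP connection 11683 for outside:10.20.5.9/443 to inside:10.20.58.15/2177 duration 0:00:15 bytes 8841 TCP Reset-I
302014: Teardown TCP connection 11684 for outside:10.20.5.9/443 to inside:10.20.58.15/2178 duration 0:00:15 bytes 16162 TCP Reset-I
106015: Deny TCP (no connection) from 10.20.5.9/443 to 10.20.58.15/2174 flags PSH ACK on interface outside
106015: Deny TCP (no connection) from 10.20.5.9/443 to 10.20.58.15/2178 flags FIN ACK on interface outside
106015: Deny TCP (no connection) from 10.20.5.9/443 to 10.20.58.15/2178 flags FIN PSH ACK on interface outside
106015: Deny TCP (no connection) from 10.20.5.9/443 to 10.20.58.15/9999 flags ACK on interface outside
"""

# 302014 names both endpoints as interface:ip/port; 106015 as bare ip/port.
TEARDOWN = re.compile(
    r"302014: Teardown TCP connection (?P<id>\d+) for [^:\s]+:(?P<a>\S+) "
    r"to [^:\s]+:(?P<b>\S+) duration \S+ bytes \d+\s*(?P<reason>.*)")
DENY = re.compile(
    r"106015: Deny TCP \(no connection\) from (?P<src>\S+) to (?P<dst>\S+) "
    r"flags (?P<flags>.+?) on interface \S+")


def correlate(log_text):
    """Split 106015 denies into (explained, unexplained).

    A deny is explained when an earlier 302014 teardown covered the same
    endpoint pair: the packet is a late segment for a removed connection.
    """
    closed = {}  # frozenset of both endpoints -> (connection id, reason)
    explained, unexplained = [], []
    for line in log_text.splitlines():
        if m := TEARDOWN.search(line):
            closed[frozenset((m["a"], m["b"]))] = (int(m["id"]), m["reason"].strip())
        elif m := DENY.search(line):
            rec = {"src": m["src"], "dst": m["dst"], "flags": m["flags"].split()}
            key = frozenset((rec["src"], rec["dst"]))
            if key in closed:
                rec["conn_id"], rec["reason"] = closed[key]
                explained.append(rec)
            else:
                unexplained.append(rec)
    return explained, unexplained


if __name__ == "__main__":
    ok, unknown = correlate(SAMPLE_LOG)
    for rec in ok:
        print(f"{rec['dst']} {rec['flags']}: late packet for conn {rec['conn_id']} ({rec['reason']})")
    for rec in unknown:
        print(f"{rec['dst']} {rec['flags']}: no prior teardown seen")
```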