07-06-2017 09:01 AM
Hi Guys,
We have a VPN tunnel between my ASA firewall to the client location. The tunnel is up and fine, we are able to ping and traceroute their end ips. but we are unable to telnet 1521 port to their end
in my logs
Teardown TCP connection 2267574309 for External:10.202.16.54/1521 to internal:10.210.23.152/53480 duration 0:00:30 bytes 0 SYN Timeout
Build outbound TCP connection 2267574309 for External:10.202.16.54/1521 (10.202.16.54/1521) to internal:10.210.23.152/53480 (192.168.200.152/53480)
I took support from CISCO TAC team, they are saying the issue with remote
Can anyone help me, to resolve this
Thanks in advance
07-06-2017 02:11 PM
"SYN Timeout" means that nothing comes back after the first packet of the TCP 3-Way handshake. Am I right that this log is from the firewall where the PC initiating the connection is located? Then you have to troubleshoot it on the other side. Can you capture traffic on the remote firewall? Look if the traffic is sent to the destination and if something is coming back. You say that you can successfully ping the devices and use other ports. With that it's likely that an internal device on the other side is filtering the traffic.
07-06-2017 10:53 PM
Hi Karsten,
Thanks for the response.
We are able to telnet 3389, 139, 1433 ports, but with 1521port only we are getting syn timeout.
My client said, they didn't put any port restriction at their end.they have allowed all ports. 20days back we are able to access that port but From last 20days only we are not able to telnet that port.
And one more thing, from their server to my server we are able to ping and traceroute only. We are unable to telnet even a single port.
Please show me the path to sortout this issue.
Thanks in advance.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide