ACK RST - TCP-IP

This is a discussion on ACK RST - TCP-IP ; Users cannot connect to the applications but can PING the app servers (10.10.10.130/134/135) - these are NATted - users see them as 10.10.10 addresses when they are actually 192.168.0.42/37/35. Any suggestions on what the router debug output issaying? 3725_Backup#show *Mar ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: ACK RST

  1. ACK RST

    Users cannot connect to the applications but can PING the app servers
    (10.10.10.130/134/135) - these are NATted - users see them as 10.10.10
    addresses
    when they are actually 192.168.0.42/37/35. Any suggestions on what the
    router debug output issaying?

    3725_Backup#show
    *Mar 1 00:11:12: %ISDN-6-CONNECT: Interface BRI1/0:1 is now connected
    to xxxxx
    3725_Backup# show ip nat trans
    Pro Inside global Inside local Outside local Outside
    global
    --- 10.0.0.130 192.168.0.42 --- ---
    --- 10.0.0.134 192.168.0.37 --- ---
    --- 10.0.0.135 192.168.0.35 --- ---
    3725_Backup#
    ************************************************** ********************************
    W user logon attempt
    3725_Backup#
    17:42:35: IP: s=10.0.18.35 (Dialer4), d=10.0.0.135, len 48, rcvd 2
    17:42:35: TCP src=2739, dst=3200, seq=3212891754, ack=0, win=32768
    SYN

    17:42:35: IP: s=10.0.0.135 (local), d=10.0.18.35 (Dialer4), len 40,
    sending
    17:42:35: TCP src=3200, dst=2739, seq=0, ack=3212891755, win=0 ACK
    RST

    17:42:35: IP: s=10.0.18.35 (Dialer4), d=10.0.0.135, len 48, rcvd 2
    17:42:35: TCP src=2739, dst=3200, seq=3212891754, ack=0, win=32768
    SYN

    17:42:35: IP: s=10.0.0.135 (local), d=10.0.18.35 (Dialer4), len 40,
    sending
    17:42:35: TCP src=3200, dst=2739, seq=0, ack=3212891755, win=0 ACK
    RST

    17:42:36: IP: s=10.0.18.35 (Dialer4), d=10.0.0.135, len 48, rcvd 2
    17:42:36: TCP src=2739, dst=3200, seq=3212891754, ack=0, win=32768
    SYN

    17:42:36: IP: s=10.0.0.135 (local), d=10.0.18.35 (Dialer4), len 40,
    sending
    17:42:36: TCP src=3200, dst=2739, seq=0, ack=3212891755, win=0 ACK
    RST

    3725_Backup#
    17:44:49: IP: s=10.0.18.35 (Dialer4), d=10.0.0.134, len 48, rcvd 2
    17:44:49: TCP src=2742, dst=3200, seq=250894860, ack=0, win=32768
    SYN

    17:44:49: IP: s=10.0.0.134 (local), d=10.0.18.35 (Dialer4), len 40,
    sending
    17:44:49: TCP src=3200, dst=2742, seq=0, ack=250894861, win=0 ACK
    RST

    17:44:49: IP: s=10.0.18.35 (Dialer4), d=10.0.0.134, len 48, rcvd 2
    17:44:49: TCP src=2742, dst=3200, seq=250894860, ack=0, win=32768
    SYN

    17:44:49: IP: s=10.0.0.134 (local), d=10.0.18.35 (Dialer4), len 40,
    sending
    17:44:49: TCP src=3200, dst=2742, seq=0, ack=250894861, win=0 ACK
    RST

    17:44:50: IP: s=10.0.18.35 (Dialer4), d=10.0.0.134, len 48, rcvd 2
    17:44:50: TCP src=2742, dst=3200, seq=250894860, ack=0, win=32768
    SYN

    17:44:50: IP: s=10.0.0.134 (local), d=10.0.18.35 (Dialer4), len 40,
    sending
    17:44:50: TCP src=3200, dst=2742, seq=0, ack=250894861, win=0 ACK
    RST

  2. Re: ACK RST

    That is very strange. I am curious as to if the packets are seen at the
    inside host. My guess is no, but I would install wireshark on one of the
    inside pc's and try to connect. If the packets are there, do they look like
    what'd you'd expect? If there not as expected, I would look at the config
    in the router. I would also see if there is anything like an ip inspect
    that might be in the middle of the communication.

    wrote in message
    news:329c18a5-4b78-45ab-bae6-d08dc829aa09@25g2000hsx.googlegroups.com...
    > Users cannot connect to the applications but can PING the app servers
    > (10.10.10.130/134/135) - these are NATted - users see them as 10.10.10
    > addresses
    > when they are actually 192.168.0.42/37/35. Any suggestions on what the
    > router debug output issaying?
    >
    > 3725_Backup#show
    > *Mar 1 00:11:12: %ISDN-6-CONNECT: Interface BRI1/0:1 is now connected
    > to xxxxx
    > 3725_Backup# show ip nat trans
    > Pro Inside global Inside local Outside local Outside
    > global
    > --- 10.0.0.130 192.168.0.42 --- ---
    > --- 10.0.0.134 192.168.0.37 --- ---
    > --- 10.0.0.135 192.168.0.35 --- ---
    > 3725_Backup#
    > ************************************************** ********************************
    > W user logon attempt
    > 3725_Backup#
    > 17:42:35: IP: s=10.0.18.35 (Dialer4), d=10.0.0.135, len 48, rcvd 2
    > 17:42:35: TCP src=2739, dst=3200, seq=3212891754, ack=0, win=32768
    > SYN
    >
    > 17:42:35: IP: s=10.0.0.135 (local), d=10.0.18.35 (Dialer4), len 40,
    > sending
    > 17:42:35: TCP src=3200, dst=2739, seq=0, ack=3212891755, win=0 ACK
    > RST
    >
    > 17:42:35: IP: s=10.0.18.35 (Dialer4), d=10.0.0.135, len 48, rcvd 2
    > 17:42:35: TCP src=2739, dst=3200, seq=3212891754, ack=0, win=32768
    > SYN
    >
    > 17:42:35: IP: s=10.0.0.135 (local), d=10.0.18.35 (Dialer4), len 40,
    > sending
    > 17:42:35: TCP src=3200, dst=2739, seq=0, ack=3212891755, win=0 ACK
    > RST
    >
    > 17:42:36: IP: s=10.0.18.35 (Dialer4), d=10.0.0.135, len 48, rcvd 2
    > 17:42:36: TCP src=2739, dst=3200, seq=3212891754, ack=0, win=32768
    > SYN
    >
    > 17:42:36: IP: s=10.0.0.135 (local), d=10.0.18.35 (Dialer4), len 40,
    > sending
    > 17:42:36: TCP src=3200, dst=2739, seq=0, ack=3212891755, win=0 ACK
    > RST
    >
    > 3725_Backup#
    > 17:44:49: IP: s=10.0.18.35 (Dialer4), d=10.0.0.134, len 48, rcvd 2
    > 17:44:49: TCP src=2742, dst=3200, seq=250894860, ack=0, win=32768
    > SYN
    >
    > 17:44:49: IP: s=10.0.0.134 (local), d=10.0.18.35 (Dialer4), len 40,
    > sending
    > 17:44:49: TCP src=3200, dst=2742, seq=0, ack=250894861, win=0 ACK
    > RST
    >
    > 17:44:49: IP: s=10.0.18.35 (Dialer4), d=10.0.0.134, len 48, rcvd 2
    > 17:44:49: TCP src=2742, dst=3200, seq=250894860, ack=0, win=32768
    > SYN
    >
    > 17:44:49: IP: s=10.0.0.134 (local), d=10.0.18.35 (Dialer4), len 40,
    > sending
    > 17:44:49: TCP src=3200, dst=2742, seq=0, ack=250894861, win=0 ACK
    > RST
    >
    > 17:44:50: IP: s=10.0.18.35 (Dialer4), d=10.0.0.134, len 48, rcvd 2
    > 17:44:50: TCP src=2742, dst=3200, seq=250894860, ack=0, win=32768
    > SYN
    >
    > 17:44:50: IP: s=10.0.0.134 (local), d=10.0.18.35 (Dialer4), len 40,
    > sending
    > 17:44:50: TCP src=3200, dst=2742, seq=0, ack=250894861, win=0 ACK
    > RST




+ Reply to Thread