Wednesday, July 7, 2021

Cisco ASA Deny tcp (no connection)

Hello all,

One of our customers has problems accessing their server. Between our datacenter and our partner datacenter, we have a VPN tunnel. The customer's IP is on subnet 192.168.50.0 and they are trying to access the server, which is 10.150.150.3. This server is on the other side of the VPN tunnel. I told our customer to generate some traffic to 10.150.150.3. I did some troubleshooting and I found this in the logs:

2021-07-02T16:42:33+02:00 10.120.130.17 %ASA-6-302013: Built outbound TCP connection 3713197788 for OUTSIDE:10.150.150.3/443 (10.150.150.3/443) to TRANSIT:192.168.50.5/38938 (192.168.50.5/38938)

2021-07-02T16:42:33+02:00 10.120.130.17 %ASA-6-302013: Built outbound TCP connection 3713197934 for OUTSIDE:10.150.150.3/443 (10.150.150.3/443) to TRANSIT:192.168.50.5/38940 (192.168.50.5/38940)

2021-07-02T16:42:33+02:00 10.120.130.17 %ASA-6-302014: Teardown TCP connection 3713197788 for OUTSIDE:10.150.150.3/443 to TRANSIT:192.168.50.5/38938 duration 0:00:00 bytes 6044 TCP Reset-O from OUTSIDE

2021-07-02T16:42:33+02:00 10.120.130.17 %ASA-6-106015: Deny TCP (no connection) from 10.150.150.3/443 to 192.168.50.5/38938 flags RST on interface OUTSIDE

2021-07-02T16:42:33+02:00 10.120.130.17 %ASA-6-302014: Teardown TCP connection 3713197934 for OUTSIDE:10.150.150.3/443 to TRANSIT:192.168.50.5/38940 duration 0:00:00 bytes 7424 TCP FINs from TRANSIT

2021-07-02T16:42:33+02:00 10.120.130.17 %ASA-6-106015: Deny TCP (no connection) from 10.150.150.3/443 to 192.168.50.5/38940 flags RST on interface OUTSIDE

From my understanding, this is a fault on our partner's side. The reason is that we get a deny tcp (no connection) from our partner's side. The customer IP is 192.168.50.5 and the IP 10.150.150.3 is located at our partner's side; that's where the server is located. The IP 10.150.150.3 "refuses" to do a TCP connection with 192.168.50.5. But still, I'm not sure if I understood this correctly.

It would be great if someone could explain this output for me.

Thanks.
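An added example, not part of the original post: a short Python script that pairs each 106015 "Deny TCP (no connection)" line with an earlier 302014 teardown of the same pair of endpoints, using the six log lines from the post. Message 106015 is logged when the ASA receives a TCP packet that matches no entry in its connection table; the function and field names below are the example's own.

```python
import re

# The six syslog lines from the post, with the timestamp/host prefix trimmed.
SAMPLE = """\
%ASA-6-302013: Built outbound TCP connection 3713197788 for OUTSIDE:10.150.150.3/443 (10.150.150.3/443) to TRANSIT:192.168.50.5/38938 (192.168.50.5/38938)
%ASA-6-302013: Built outbound TCP connection 3713197934 for OUTSIDE:10.150.150.3/443 (10.150.150.3/443) to TRANSIT:192.168.50.5/38940 (192.168.50.5/38940)
%ASA-6-302014: Teardown TCP connection 3713197788 for OUTSIDE:10.150.150.3/443 to TRANSIT:192.168.50.5/38938 duration 0:00:00 bytes 6044 TCP Reset-O from OUTSIDE
%ASA-6-106015: Deny TCP (no connection) from 10.150.150.3/443 to 192.168.50.5/38938 flags RST on interface OUTSIDE
%ASA-6-302014: Teardown TCP connection 3713197934 for OUTSIDE:10.150.150.3/443 to TRANSIT:192.168.50.5/38940 duration 0:00:00 bytes 7424 TCP FINs from TRANSIT
%ASA-6-106015: Deny TCP (no connection) from 10.150.150.3/443 to 192.168.50.5/38940 flags RST on interface OUTSIDE
""".splitlines()

EP = r"([\d.]+)/(\d+)"  # ip/port endpoint as the ASA prints it
TEARDOWN = re.compile(
    r"%ASA-6-302014: Teardown TCP connection (\d+) for \w+:" + EP +
    r" to \w+:" + EP + r" duration \S+ bytes (\d+) (.+)$")
DENY = re.compile(
    r"%ASA-6-106015: Deny TCP \(no connection\) from " + EP +
    r" to " + EP + r" flags (.+?) on interface (\w+)")

def flow_key(a_ip, a_port, b_ip, b_port):
    # Direction-independent key: 106015 logs from/to, 302014 logs for/to.
    return frozenset([(a_ip, a_port), (b_ip, b_port)])

def correlate(lines):
    """Pair each 106015 deny with the latest earlier 302014 teardown of the same flow."""
    closed = {}    # flow key -> (connection id, bytes, teardown reason)
    results = []
    for line in lines:
        m = TEARDOWN.search(line)
        if m:
            conn, a_ip, a_port, b_ip, b_port, nbytes, reason = m.groups()
            closed[flow_key(a_ip, a_port, b_ip, b_port)] = (conn, int(nbytes), reason.strip())
            continue
        m = DENY.search(line)
        if m:
            s_ip, s_port, d_ip, d_port, flags, ifc = m.groups()
            prior = closed.get(flow_key(s_ip, s_port, d_ip, d_port))  # None: no teardown seen
            results.append({"src": f"{s_ip}:{s_port}", "dst": f"{d_ip}:{d_port}",
                            "flags": flags.strip(), "interface": ifc,
                            "after_teardown": prior})
    return results

if __name__ == "__main__":
    for r in correlate(SAMPLE):
        print(r)
```

On these lines both denied RST packets arrive after connections 3713197788 and 3713197934 had already been torn down, and both connections carried data (6044 and 7424 bytes) before closing.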


