The problem most likely is to do with RPC connections. An RPC connection
starts on a port from inside to outside. Then the inside tells the outside
cpu to call back on a different port, but since this second connection is
started from the outside it is blocked. Now why did it all of a sudden stop
working? The RPC port that it calls back on tends to be the same, so when the
problem was first discovered we see what port is being blocked, let that pass
through with a static map and think things are all fine now. Then along comes
our coworker who applies SP6a to the outside computer and it is rebooted. The
reboot causes the outside computer to select a different RPC port and the
problem is back. To fix this problem read MS TechNet q154596. This will
allow us to control the range of ports the outside computer will reply on.
Good Luck
Rod Cappon
-----Original Message-----
From: Daniel Crichton [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 31, 2001 7:43 AM
To: [EMAIL PROTECTED]
Subject: Argh! PIX problem ...
I've got a machine outside my firewall on my subnet that I need to access a
Windows share on from inside the firewall. Until today this has worked fine,
but now it's started playing up. The PIX config has not changed. When I try
to connect or map a network drive I get a message in NT about the server not
being found, but I can ping the WINS name and get the right IP address.
Looking at my PIX log shows the following entry syntax for any connection
attempted:
%PIX-6-302002: Teardown TCP connection 5132238 faddr x.y.z.32/139 gaddr
x.y.z.82/6293 laddr w.x.y.14/1028 duration 0:00:00 bytes 0 (TCP Reset-O)
I can't find any info on what TCP Reset-O means. A dig around the web
reveals a post in July 2000 from someone else to this list showing the same
message but no replies to the list. I did have this once before but I
resolved that issue - I accidentally created 2 static mappings to the same
internal IP for 2 different public IPs, and the first access to the second
public IP disabled the first public IP and resulted in this TCP Reset-O
flag. I can find no reference in the PIX config for the IP of the machine
outside my firewall, and yet I am unable to connect to it - no outbound
rules block it (which would result in a different log message) and the
server is definitely up and responding to the IP (I can connect to the web
server on it using IE). Any ideas?
Dan
---
D.C. Crichton email: [EMAIL PROTECTED]
Senior Systems Analyst tel: +44 (0)121 706 6000
Computer Manuals Ltd. fax: +44 (0)121 606 0477
Computer book info on the web:
http://computer-manuals.co.uk/
Want to earn money? Join our affiliate network!
http://computer-manuals.co.uk/affiliate/
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
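
Added example, not part of either message: a small parser for the 302002 teardown line quoted in the thread, counting connections that were reset immediately with no data exchanged. In Cisco's teardown reasons, "TCP Reset-O" and "TCP Reset-I" mark a reset sent from the outside and from the inside respectively; every sample line except the first is constructed.

```python
import re
from collections import Counter

# Teardown message layout as quoted in the thread (PIX syslog ID 302002).
TEARDOWN = re.compile(
    r"%PIX-6-302002: Teardown TCP connection (?P<conn>\d+) "
    r"faddr (?P<faddr>[^/\s]+)/(?P<fport>\d+) "
    r"gaddr (?P<gaddr>[^/\s]+)/(?P<gport>\d+) "
    r"laddr (?P<laddr>[^/\s]+)/(?P<lport>\d+) "
    r"duration (?P<duration>\d+:\d\d:\d\d) bytes (?P<bytes>\d+)"
    r"(?: \((?P<reason>[^)]+)\))?"
)

# Which side sent the reset, per Cisco's teardown reason strings.
RESET_SIDE = {"TCP Reset-O": "outside", "TCP Reset-I": "inside"}

def parse_teardown(line):
    """Return the fields of one 302002 line as a dict, or None if it is not one."""
    m = TEARDOWN.search(" ".join(line.split()))  # undo mail/syslog line wrapping
    if m is None:
        return None
    rec = m.groupdict()
    for key in ("conn", "fport", "gport", "lport", "bytes"):
        rec[key] = int(rec[key])
    rec["reset_by"] = RESET_SIDE.get(rec["reason"])
    return rec

def instant_resets(lines):
    """Count zero-byte, zero-duration resets per (reset side, faddr, fport)."""
    hits = Counter()
    for line in lines:
        rec = parse_teardown(line)
        if rec and rec["reset_by"] and rec["bytes"] == 0 and rec["duration"] == "0:00:00":
            hits[(rec["reset_by"], rec["faddr"], rec["fport"])] += 1
    return hits

# First entry is the line from the thread; the rest are constructed samples.
SAMPLE_LOG = [
    "%PIX-6-302002: Teardown TCP connection 5132238 faddr x.y.z.32/139 gaddr\n"
    "x.y.z.82/6293 laddr w.x.y.14/1028 duration 0:00:00 bytes 0 (TCP Reset-O)",
    "%PIX-6-302002: Teardown TCP connection 5132239 faddr x.y.z.32/139 gaddr "
    "x.y.z.82/6294 laddr w.x.y.14/1029 duration 0:00:00 bytes 0 (TCP Reset-O)",
    "%PIX-6-302002: Teardown TCP connection 5132240 faddr x.y.z.32/80 gaddr "
    "x.y.z.82/6295 laddr w.x.y.14/1030 duration 0:00:04 bytes 5120 (TCP FINs)",
]

if __name__ == "__main__":
    for (side, addr, port), n in instant_resets(SAMPLE_LOG).items():
        print(f"{n} connection(s) to {addr}/{port} reset at once from the {side}")
```

A run of instant outside resets against one foreign address and port means the firewall built the connection and the reset came back from the far side, which separates this case from a deny logged by the PIX itself.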