|
List Info
Thread: Re: Re: Can ping, tracert but cannot telnet to a remote host on a particular
|
|
| Re: Re: Can ping, tracert but cannot
telnet to a remote host on a particular |
 
United States |
2007-07-30 12:49:35 |
|
Jim,
nothing has changed on my ASA and my network. On the server I am connecting to, I dont know if anything has changed.
I am a network admin/security manager.
I have used show conn, capture and below are some of my extract ;
my host is 172.19.8.200 acting as a client to the remote host 10.228.0.38 on port 55620
Result from 'show conn' command
TCP out 172.19.8.200:4100 in 10.228.0.38:55620 idle 0:00:05 bytes 0 flags SaAB
TCP out 172.19.8.200:4072 in 10.228.0.38:55620 idle 0:00:02 bytes 0 flags SaAB
Result from 'show capture' command
Extract for connection to VISA IP Address and port (10.228.0.38:55620)
;
1364: 10:44:13.019148 802.1Q vlan#8 P0 172.19.8.200.3518 > 10.228.0.38.55620: S 1387008336:1387008336(0) win 65535 <mss 1460,nop,nop,sackOK>
2325: 10:44:46.365307 802.1Q vlan#8 P0 172.19.8.200.3790 > 10.228.0.38.55620: S 4097337560:4097337560(0) win 65535 <mss 1460,nop,nop,sackOK>
2327: 10:44:46.383479 802.1Q vlan#8 P0 172.19.8.200.3775 > 10.228.0.38.55620: S 729998473:729998473(0) win 65535 <mss 1460,nop,nop,sackOK>
2611: 10:44:56.733818 802.1Q vlan#8 P0 10.228.0.38 > 172.19.8.200: icmp: echo reply
2612: 10:44:57.182012 802.1Q vlan#8 P0 172.19.8.200 > 10.228.0.38: icmp: echo request
2613: 10:44:57.775014 802.1Q vlan#8 P0 10.228.0.38 > 172.19.8.200: icmp: echo reply
2614: 10:44:58.182150 802.1Q vlan#8 P0 172.19.8.200 > 10.228.0.38: icmp: echo request
Extract for a working connection
3463: 10:45:23.139046 802.1Q vlan#8 P0 172.19.8.200.4056 > 172.16.11.190.7777: S 3833239846:3833239846(0) win 65535 <mss 460,nop,nop,sackOK>
3464: 10:45:23.139152 802.1Q vlan#8 P0 172.19.8.200.4038 > 172.20.7.15.8000: S 1394674339:1394674339(0) win 65535 <mss 1460,nop,nop,sackOK>
3465: 10:45:23.139198 802.1Q vlan#8 P0 172.20.7.15.8000 > 172.19.8.200.4038: R 0:0(0) ack 1394674340 win 65535
3466: 10:45:23.139213 802.1Q vlan#8 P0 172.19.8.200.4057 > 172.16.11.190.7777: S 1973567321:1973567321(0) win 65535 <mss 460,nop,nop,sackOK>
3467: 10:45:23.139305 802.1Q vlan#8 P0 172.19.8.200.4054 > 172.20.37.50.7601: S 3832637312:3832637312(0) win 65535 <mss 1460,nop,nop,sackOK>
;
3468: 10:45:23.139351 802.1Q vlan#8 P0 172.20.37.50.7601 >
172.19.8.200.4054: R 0:0(0) ack 3832637313 win 65535
3469: 10:45:23.139366 802.1Q vlan#8 P0 172.19.8.200.4055 > 172.20.7.210.6102: S 306199227:306199227(0) win 65535 <mss 1460,nop,nop,sackOK>
3470: 10:45:23.139397 802.1Q vlan#8 P0 172.20.7.210.6102 > 172.19.8.200.4055: R 0:0(0) ack 306199228 win 65535
3471: 10:45:23.139412 802.1Q vlan#8 P0 172.19.8.200.4036 > 172.20.7.15.8100: S 1 154858764:1154858764(0) win 65535 <mss 1460,nop,nop,sackOK>
3472: 10:45:23.139442 802.1Q vlan#8 P0 172.20.7.15.8100 > 172.19.8.200.4036: R 0:0(0) ack 1154858765 win 65535
regards,
Ayo Lawrence.
----- Original Message ---- From: jim jones <jrjonesalaska yahoo.com>
To: PIX_Firewallyahoogroups.com
Sent: Saturday, July 28, 2007 3:51:39 PM
Subject: [PIX_Firewall] Re: Can ping, tracert but cannot telnet to a remote host on a particular
Ayo, Firs t off we need some more info. ; Such info as the following:
What has changed on the ASA?
What has changed on the network?
What has changed on the server or workstation that you want to telnet to?
Are you a system/network admin or an end user?
Something most likely has changed, and not having any additional info on what trouble shooting you have done and information on your environment, it is kind of hard to help you.
jim
----- Original Message ---- From: "PIX_Firewall yahoogroups. com" <PIX_Firewall yahoogroups. com>
To: PIX_Firewall yahoogroups. com
Sent: Saturday, July 28, 2007 1:25:47 AM
Subject: [PIX_Firewall] Digest Number 819
Messages In This Digest (1 Message)
Message
- 1.
-
Posted by: "Ayo Lawrence" speednigyahoo.com?Subject=%20Re%3ACan%20ping%2C%20tracert%20but%20cannot%20telnet%20to%20a%20remote%20host%20on%20a%20particular" target="_blank" rel="nofollow">speednigyahoo. com speednig
Fri Jul 27, 2007 11:22 ;am (PST)
Hi All,
I manage a ASA 7.0 and i have established connectivity to a remote host
x.x.x.x on 55620 coming in through the inside DMZ of the ASA to an
internal host and everything was working properly, but suddenly, I can
no longer telnet to this port after about two weeks of establishing the
connectivity. However, I can still ping and tracert to the remote from
the host its connecting to inside my network.
Help me with likely solutions and troubleshooting methods.
best regards,
Ayo Lawrence.
speednig yahoo.com? Subject=Re%3ACan%20ping%2C%20tracert%20but%20cannot%20telnet%20to%20a%20remote%20host%20on%20a%20particular" target="_blank" rel="nofollow">Reply to sender | PIX_Firewall@yahoogroups.com?Subject=%20Re%3ACan%20ping%2C%20tracert%20but%20cannot%20telnet%20to%20a%20remote%20host%20on%20a%20particular" target="_blank" rel="nofollow">Reply to group | Reply via web post
Messages in this topic (1)
![Yahoo! Groups]() Change settings via the Web (Yahoo! ID required) Change settings via email: PIX_Firewa ll-normal@yahoogroups.com?subject=Email%20Delivery:%20Indiviual%20Email" target="_blank" rel="nofollow">Switch delivery to Individual | PIX_Firewall-traditional@yahoogroups.com?subject=Change%20Delivery%20Format:%20Traditional" target="_blank" rel="nofollow">Switch format to Traditional
Visit Your Group | Yahoo! Groups Terms of Use | PIX_Firewall-unsubscribe@yahoogroups.com?subject=Unsubscribe" target="_blank" rel="nofollow">Unsubscribe ![]()
Be a better Globetrott er. Get better travel answers from someone who knows.
Yahoo! Answers - Check it out.
Get the free Yahoo! toolbar and rest assured with the added security of spyware protection .
__._,_.___
.
__,_._,___
|
[1]
|
|