I would look at syslog entries for the
source IP on the ASA and see if its being denied outbound. Or just look at the
Access List on the ASA and see if the rules would permit/deny.
Adam
From:
wireshark-users-bounces@xxxxxxxxxxxxx
[mailto:wireshark-users-bounces@xxxxxxxxxxxxx] On Behalf Of D W
Sent: Thursday, April 30, 2009
5:20 PM
To: wireshark-users@xxxxxxxxxxxxx
Subject: [Wireshark-users]
Connection to Cluster IP thru VPN tunnel not working
I
have 3 windows 2003 terminal servers setup for load balance. IP addresses
192.168.1.14, 192.168.1.15, 192.168.1.16 Cluster IP 192.168.1.40
multicast.
I
have a remote site connected via site to site VPN tunnel using Cisco
ASA devices, subnet 192.168.100.1. On the local LAN I can get connected to
terminal servers using the cluster IP, at the remote site I can
not. At
I
have setup wireshark on my 192.168.1.0 subnet and setup a packet capture on the
ASA5510. On the wireshark I see SYN packets coming in from my machine
192.168.100.102 to the cluster IP and I see SYN,ACK packets Src the
cluster IP with the mac address of one of the terminal servers and the dst
my IP address with the mac address of the ASA 5510. On the ASA5510 packet
capture I only see the SYN packets from my machine coming in but no SYN,ACK
packets going out. What do I do to find out what happened to the SYN,ACK
packets?
I
did a packet capture when connecting to the actual IP address of the terminal
server (Which Works) and compared the SYN,ACK packets from both and saw
no difference.
Windows Live™ SkyDrive™: Get 25 GB of free online storage.
Check it out.