"sh conn" State tcp - connection problem.

Hello

I see random connection problems from hosts that go from the inside of my PIX535 (point 6.1.1), through a global IP address, to a couple of specific servers on the internet.

When the problem occurs, machines PAT'ted behind the PIX have IP connectivity to the web servers mentioned, but not on tcp/80.

Statically NAT'ted machines are not affected by the problem.

I can see (with "sh conn [Web server-IP]" and "sh xlate") that the workstations are PAT'ted correctly to a global port and that a connection attempt is made:

y.y.y.y = IP of the workstation

x.x.x.x = my global IP

z.z.z.z = the foreign Web server

f edb1-1 # sh xlate local [y.y.y.y]

PAT Global [x.x.x.x] (16412) Local y.y.y.y (1959)

f edb1-1 # sh conn foreign z.z.z.z

TCP out z.z.z.z:80 in y.y.y.y:1959 idle 0:00:45 Bytes 0 flags saA

What I don't know is what exactly the flags 'saA' mean. I found this on cisco.com:

s - awaiting outside SYN

a - awaiting outside ACK to SYN

A - awaiting inside ACK to SYN

The two flags 'aA' are logical to me: the firewall has not yet received an ACK packet from the Web server.

However, I'm not sure what to conclude from the 's'. What does 'awaiting outside SYN' actually mean? Has my firewall passed the SYN packet on at this point?

Thanks in advance,

--

Lasse Björn Jensen

Standard TCP protocol requires that the receiver respond to an initial SYN packet with a SYN ACK. The ASA flags indicate that we have seen a SYN from a client on the inside and are waiting for the SYN ACK (sa) from the outside host and then the ACK (A) from the inside host in response to the SYN ACK. It looks like the target machine is not responding to the clients using the PAT address. We need more information to determine the cause. I hope this helps.

Scott
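
The flag reading given in the answer above, as an added example (not from the original thread or from Cisco): a small parser for `show conn` lines that decodes the handshake flags and groups half-open connections by outside server, which shows at a glance which servers never answer. The line layout, the 30-second idle threshold and the sample addresses are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional

# TCP handshake/teardown subset of the "show conn" flag legend.
FLAGS = {
    "s": "awaiting outside SYN",
    "S": "awaiting inside SYN",
    "a": "awaiting outside ACK to SYN",
    "A": "awaiting inside ACK to SYN",
    "B": "initial SYN from outside",
    "U": "up",
    "I": "inbound data",
    "O": "outbound data",
    "F": "outside FIN",
    "f": "inside FIN",
    "R": "outside acknowledged FIN",
    "r": "inside acknowledged FIN",
}

# Assumed layout: TCP out <ip:port> in <ip:port> idle h:mm:ss Bytes <n> flags <letters>
CONN_RE = re.compile(
    r"^TCP\s+out\s+(?P<outside>\S+)\s+in\s+(?P<inside>\S+)\s+"
    r"idle\s+(?P<h>\d+):(?P<m>\d\d):(?P<s>\d\d)\s+"
    r"Bytes\s+(?P<nbytes>\d+)\s+flags\s+(?P<flags>[A-Za-z]+)\s*$"
)

@dataclass
class Conn:
    outside: str
    inside: str
    idle_seconds: int
    nbytes: int
    flags: str

def parse_conn(line: str) -> Optional[Conn]:
    """Parse one connection line; return None for headers and other text."""
    m = CONN_RE.match(line.strip())
    if not m:
        return None
    idle = int(m["h"]) * 3600 + int(m["m"]) * 60 + int(m["s"])
    return Conn(m["outside"], m["inside"], idle, int(m["nbytes"]), m["flags"])

def describe(flags: str) -> List[str]:
    """Expand each flag letter using the legend subset above."""
    return [f"{c}: {FLAGS.get(c, 'not in this subset')}" for c in flags]

def handshake_state(flags: str) -> str:
    """Summarise where the three-way handshake stands."""
    if "U" in flags:
        return "established"
    if "s" in flags:
        return "SYN sent out, no SYN-ACK from outside host yet"
    if "S" in flags:
        return "SYN sent in, no SYN-ACK from inside host yet"
    if "A" in flags:
        return "SYN-ACK seen, waiting for ACK from inside host"
    if "a" in flags:
        return "SYN-ACK seen, waiting for ACK from outside host"
    return "no handshake flags"

def stalled_by_server(lines, min_idle: int = 30) -> Dict[str, List[Conn]]:
    """Group connections stuck in the handshake for min_idle seconds or more."""
    stalled = defaultdict(list)
    for line in lines:
        conn = parse_conn(line)
        if (conn and "U" not in conn.flags
                and any(c in conn.flags for c in "sSaA")
                and conn.idle_seconds >= min_idle):
            stalled[conn.outside].append(conn)
    return dict(stalled)

# Constructed sample output (documentation address ranges).
SAMPLE = [
    "4 in use, 12 most used",
    "TCP out 198.51.100.20:80 in 10.1.1.15:1959 idle 0:00:45 Bytes 0 flags saA",
    "TCP out 198.51.100.20:80 in 10.1.1.22:2310 idle 0:01:10 Bytes 0 flags saA",
    "TCP out 203.0.113.9:80 in 10.1.1.15:1961 idle 0:00:02 Bytes 5120 flags UIO",
    "TCP out 203.0.113.9:80 in 10.1.1.30:1100 idle 0:00:01 Bytes 0 flags saA",
]

if __name__ == "__main__":
    for server, conns in stalled_by_server(SAMPLE).items():
        for c in conns:
            print(server, c.inside, c.idle_seconds, handshake_state(c.flags))
```
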

Tags: Cisco Security

Similar Questions

  • in the waking state socket connection problem

    Hi all.
    My app needs to update real-time security data, so it should be able to run well even when the PB switches to the waking state.
    The problem is that when the PB passes to the waking state and more than an hour later, my application cannot send requests for data to the socket server (initially it worked well); even when the PB gets enabled again, the socket connection is also unnecessary.
    I did a test as follows:
    1. I added "throttled" in blackberry-tablet.xml
    2. I have added a few event listeners in the main class, but each of them can be fired at any time.

    QNXSystem.system.addEventListener(qnx.events.QNXSystemEvent.STANDBY,onDeactive);
    QNXSystem.system.addEventListener(qnx.events.QNXSystemEvent.ACTIVE,onActive);
    QNXSystem.system.requestResource(QNXSystemResource.NETWORKING);
    stage.addEventListener(Event.USER_IDLE,userIdle);
    stage.addEventListener(Event.USER_PRESENT,userPresent);
    stage.addEventListener(Event.ACTIVATE,onStageActive);
    stage.addEventListener(Event.DEACTIVATE,onStageDeactive);
    

    3. I put a clock to save information in the /shared folder. It worked well in the waking state.

    Thanks for any response.

    Hello.
    I'm a developer of an instant messaging app which is connected to the door via socket. What I can tell you for sure is that you need to use:
    normal
    Also, use SocketMonitor to ensure that connections are available; some WiFi routers can close an idle connection even when you don't want them to! You need to reconnect in such cases.
    Please, feel free to ask for help more.

  • Problems of TCP connection on ubuntu after conversion of vmware

    Hello

    We had an old vmware on a 2008 Server; it has 3 virtual machines: one I installed and two that were installed before I was here.
    We converted these a few weeks ago to esxi 5.0.

    Since then, we seem to have some problems on two of the three ubuntu VMs (the one that I installed works correctly).

    Network is in place and I have a constant ping to and from machine .207 (the one that has problems). That's the problem: unstable tcp connections. When you try to ssh to it, it just drops the connection; the second time it sometimes works. When you work in the ssh session you are disconnected at random.

    What I've done so far:
    - updated all to the latest 12.04 LTS ubuntu
    - disabled ipv6
    - active routing on .207 -> it just has a default route to our firewall; routing is not the issue as this happens locally.
    - checked arp = ok
    - restarted machine -> the problem is the same

    Now I've installed wireshark, and this is what happens when it fails:
    I see my machine (.100) to .207 -> 335 19.989077000 192.168.0.100 192.168.0.207 TCP 54 59763 > ssh [ACK] Seq = 1 Ack = 1 win = 65536 Len = 0
    .207 answers back -> 335 19.989077000 192.168.0.100 192.168.0.207 TCP 54 59763 > ssh [ACK] Seq = 1 Ack = 1 win = 65536 Len = 0
    368 21.389081000 192.168.0.207 192.168.0.100 66 TCP ssh > 59763 [SYN, ACK] Seq = 0 Ack = 1 win = 14600 Len = 0 MSS = 1460 SACK_PERM = 1 WS = 16
    555 23.389142000 192.168.0.207 192.168.0.100 66 TCP ssh > 59763 [SYN, ACK] Seq = 0 Ack = 1 win = 14600 Len = 0 MSS = 1460 SACK_PERM = 1 WS = 16
    765 27.389213000 192.168.0.207 192.168.0.100 66 TCP ssh > 59763 [SYN, ACK] Seq = 0 Ack = 1 win = 14600 Len = 0 MSS = 1460 SACK_PERM = 1 WS = 16
    970 35.389339000 192.168.0.207 192.168.0.100 66 TCP ssh > 59763 [SYN, ACK] Seq = 0 Ack = 1 win = 14600 Len = 0 MSS = 1460 SACK_PERM = 1 WS = 16
    1307 51.389592000 192.168.0.207 192.168.0.100 66 TCP ssh > 59763 [SYN, ACK] Seq = 0 Ack = 1 win = 14600 Len = 0 MSS = 1460 SACK_PERM = 1 WS = 16
    1417 58.524460000 192.168.0.207 192.168.0.100 60 TCP ssh > 58009 [ACK] Seq = 1 Ack = 1 win = 2532 Len = 0
    3777 133.529204000 192.168.0.207 192.168.0.100 60 TCP [TCP Dup ACK 1417 #1] ssh > 58009 [ACK] Seq = 1 Ack = 1 win = 2532 Len = 0
    8144 208.534869000 192.168.0.207 192.168.0.100 60 TCP [TCP Dup ACK 1417 #2] ssh > 58009 [ACK] Seq = 1 Ack = 1 win = 2532 Len = 0
    12679 283.539682000 192.168.0.207 192.168.0.100 60 TCP ssh > 58009 [RST, ACK] Seq = 2 Ack = 1 win = 2532 Len = 0


    I have no idea why I get a reset. I'm in the dark.
    iptables -L on .207 does nothing.

    This is a successful attempt, then drop after a certain time:
    48 2.635152000 192.168.0.207 192.168.0.100 66 TCP ssh > 59999 [SYN, ACK] Seq = 0 Ack = 0 Win = 14600 Len = 0 MSS = 1460 SACK_PERM = 1 WS = 16
    76 3.911437000 192.168.0.100 TCP 66 60000 192.168.0.207 > ssh [SYN] Seq = 0 Win = 8192 Len = 0 MSS = 1460 WS = 256 SACK_PERM = 1
    77 3.911732000 192.168.0.207 192.168.0.100 66 TCP ssh > 60000 [SYN, ACK] Seq = 0 Ack = 1 win = 14600 Len = 0 MSS = 1460 SACK_PERM = 1 WS = 16
    78 3.911834000 192.168.0.100 TCP 54 60000 192.168.0.207 > ssh [ACK] Seq = 1 Ack = 1 win = 65536 Len = 0
    then I wait a while, I see a part of the traffic and then this is the case:
    2165 113.070976000 192.168.0.207 192.168.0.100 SSHv2 106 encrypted response packet len = 52
    2166 113.125807000 192.168.0.100 TCP 54 60000 192.168.0.207 > ssh [ACK] Seq = 1917 Ack = 3640 Win = 65536 Len = 0
    2168 113.126155000 192.168.0.207 192.168.0.100 60 TCP ssh > 60000 [first] Seq = 3640 Win = 0 Len = 0
    2169 113.288979000 192.168.0.207 192.168.0.100 SSHv2 106 [TCP Retransmission] Encrypted response packet len = 52
    repeated several times
    and ends with:
    4660 225.774711000 192.168.0.207 192.168.0.100 SSHv2 106 [TCP Retransmission] Encrypted response packet len = 52

    What has also tried so far:

    network card switch in vm of e1000 to vmxnet3

    No iptables is active on the system

    I tried to install a telnet daemon -> it has the same problems as ssh; the ftp connection is weird too

    174601 699.510273000 192.168.0.207 192.168.0.100 SSHv2 106 [TCP Retransmission] Encrypted response packet len = 52
    296330 819.832237000 192.168.0.207 192.168.0.100 SSHv2 106 [TCP Retransmission] Encrypted response packet len = 52

    If many will be connected next to it, I will update this post.

    Hi PiT9000,

    Have you checked for duplicate MAC addresses?  Maybe the old Server 2008 is still running the same VMs connected to the same network...?

    See you soon,

    --

    Darius

  • Problem of test Signal before using the TCP connection

    Right now my application uses a SocketConnection TCP to communicate with a remote server.  It works fine, but I'm trying to make sure that my program can correctly handle the situation to move to an area with no coverage.

    When I run my application, if I uncheck the box "on the cover" for GSM and CDMA under Network properties, my app is fine until it calls the OutputStreamWriter.write() function to send something on the socket connection.  I have it in a try/catch block, but it just seems to hang instead of throwing an exception.

    How can I check the signal before attempting to send data on the SocketConnection?

    To clear things up, here's the order of what happens:

    1. Application starts in coverage.

    2. SocketConnection made successfully.

    3. OutputStreamWriter successfully created on the SocketConnection.

    4. Coverage is lost.

    5. OutputStreamWriter.write() is called, but freezes instead of throwing an exception.

    That the socket connection's output stream write operations do not throw an exception when there is no coverage is the correct behavior. That's because on cellular networks the IP tunnel to the carrier (and therefore the TCP connections on this tunnel) survives loss of coverage. For example, if your application opens a TCP connection from a BlackBerry, then the BlackBerry loses coverage and regains it, say, 1 minute later, the TCP connection opened by your application will continue to work fine, unless an intermediate network component or your server closes the connection due to inactivity.

  • Connection problem: The DHCP service does not work.

    Original title: connection problem

    After getting rid of a virus, my computer is always trying to get the network address. I found that the DHCP service does not work on my computer. How can I reinstall it? I am running Windows XP Service Pack 3.

    Hello

    Follow these steps and check if they help.

    Step 1:

    Check whether the DHCP Client and DNS Client services are started.

    a. Click Start.
    b. Click on Run and type Services.
    c. Right-click on it and choose Run as administrator.

    Check whether the services mentioned below have the stated status and startup type.

    Client DHCP started Automatic\Manual.
    Client DNS started Automatic\Manual.

    Also check the dependencies that are required for the DHCP Client and DNS Client services to run.

    To verify that, double-click the service and click the Dependencies tab.

    Step 2:

    I suggest you to reset TCP/IP settings to solve the problem.

    How to reset the Protocol Internet (TCP/IP)

  • LJ pro M177fw: eprint center connection problem

    Hello

    today I am trying to add my new printer to my eprint account, but I do not remember my pwd, so I want to reset the password.

    By e-mail, I received a link

    http://h30495.www3.HP.com/reset_password/xxxxxxxxxxxxxxx

    but it didn't work, the Web server show this error:

    SERVER ERROR

    Oops! Only, something was wrong with our server.

    Try refreshing the page.

    I tried different browser and pc, but I can not reset my pwd.

    Is there a solution to this problem?

    Is the server down for ever?

    Thank you and best regards.

    Roberto

    Hey @Roberto_ITALY,

    Thanks for posting in the Forum from HP Support.

    I understand that you are unable to claim your HP Color LaserJet Pro MFP M177fw in your account ePrint Center due to a connection problem.  I would like to help.

    I don't see this particular error with password resets from time to time.  I have a workaround that can clear up this place for you:

    • Click here.  This will bring you to <www.snapfish.com>.  As the Snapfish site is linked directly with ePrint Center and HP Connected, you can try to reset your password as follows: click the connection icon and then "forgot your password":

    • Enter the e-mail address that you use to connect to the ePrint Center and click on submit.
    • You should receive an automatic password reset message by email. Do the reset as attempted before and then try to use this new Snapfish password to connect to ePrint Center.
    • If this does not solve your problem accessing ePrint Center, please call our Cloud Services at 855-785-2777. If you do not live in the United States / Canada region, please click the link below to get the help number for your region.

      http://WWW8.HP.com/us/en/contact-HP/WW-phone-assist.html

    I hope this helps.  If my suggestion worked in your favor, feel free to give me a virtual h.o.t. by clicking on the 'Thumbs Up' icon below.

    Have a great day!

  • Satellite L10-119: OKI 8w Lite printer connection problem

    I have the Toshiba Satellite L10-119 series. I use it with an OKI 8W printer. The printer works on the USB port. Every day, when I print ~10 pages, the printer stops and the XP driver displays the message "connection problem". Currently, OKI prints all pages. Only restarting XP helps.

    The operating system is Windows XP and printer has an OKI dedicated for XP drivers. Other USB devices are working properly. I reinstall the Intel chipset drivers, I checked the printer on the other ports.

    Please send a solution by mail: michaljaniszek (at) walla (dot) com

    Hello

    You suggested that all other USB devices work properly on this unit.
    In this case, I guess that it's not a Satellite L10 problem but an OKI printer problem.
    Unfortunately, Toshiba is not responsible for the 3rd party hardware or software.

    However, I studied a bit on the net and found a few questions about the OKI printer problems. There are different issues and all have suggested contacting the OKI support. Well, in my opinion you should also ask the support. There may be more recent driver. Check it out.

    Good luck

  • Y410P WLAN intel centrino 2230 major connection problem

    A few months ago, I bought my ideapad y410p and was very happy with it for some time. Just last month my wireless started acting up significantly, and I have no idea what is happening.

    My home wireless router has had no changes, but now every other night my computer does not connect to the router. It gets stuck in a constant state of connecting, dropping and trying again. I tried going back to previous drivers, reinstalling the most recent drivers, changing the network settings, disabling bluetooth, going through the settings for my router, and nothing works.

    The strangest part is that some evenings, it works very well! And also I've never had any problems during one of my tasks. It connects easily and works throughout the day without interruption. I thought it was something specific to the router I had at my home (keep in mind all my roommates' laptops, tablets and phones have zero connectivity issues, as well as my phone), but I just got back home to my parents' for the holidays and my wifi doesn't work here either! It seems to be random which routers it won't work with.

    I read that the wireless cards in these computers are terrible and that most people have problems with them, but this seems to be without solution, and I don't even know how to send Lenovo an email asking about the problem! Help me please!

    I think I solved the problem... at least temporarily. I had visited a friend's house and checked his router to see if I could connect. It was a shit old AT&T router that supported only b/g connections and I connected with zero problems! Which led me to think that had something to do with it.

    I went into the settings for my router at home and changed the type of encryption to WPA2 PSK (AES) + (RTK) or something else instead of just AES (which it had been set to). After resetting the router, I had NO problem connecting to the network. The strange THING was that I switched it back to AES only to check and see if it cuts off, but it didn't. Then I reset my wifi adapter and reconnected several times without any problems.

    I think that there is a kind of 'identification' step that breaks down when it is only using AES encryption... And now my card identifies the router as part of the environment, and thus even when it goes back to AES it is already identified. Is that even a thing? All I know is that it's the weirdest thing ever. I'm just glad I seem to have found a solution to the problem.

  • 63 error to TCP connection open in Simple data Client.vi when connecting to the network storage device.

    Hello

    I tried the simple data client and simple example of data server. I tried this example to connect to a NAS device. My laptop properly communicates with the device since I ping the address of the NAS device and discovered it works perfectly fine. Also, I put the static IP of my pc even as the NAS. So everything I've done. But when I run the program giving the ip address of a NAS device, it shows an error 63.

    Error 63 to TCP connection open in Simple data Client.vi

    Possible reasons: LabVIEW: serial port receive buffer overflow. = LabVIEW: the network connection was refused by the server.

    Why is this happening? What can be done to solve this problem? Thanking you.

    vindsan wrote:

    What is the firewall of the SIN.

    Yes, it is very likely. Try disabling the firewall and try again. If the code works when you run the Server & client on your machine, but not when you run the server on your NAS and client on your machine (assuming you have entered the correct port for the NAS server), then it is very likely to be a firewall problem.

    vindsan wrote:

    Server that is listening is no longer VI also means what.

    Your server VI listens only once for a connection. After receiving an incoming connection (or after it times out at 60 s), it stops listening and the port will no longer be open for incoming connections; you must re-run the VI for another connection. With your code, you must run the server VI and then run the client VI within 60 s, so that it does not time out.

  • How to prevent a TCP connection that is closed when the VI who opened it terminated.

    Hello everyone.

    I'm developing an application based on the servers and clients communicate through TCP in LabVIEW 2012.

    When the Server/client opens a TCP connection, it starts an asynchronously running "Connection Manager", to which the connection reference is passed so that all communication can happen. It all works very well.

    I have a situation where a client connection manager can be informed of another 'new' server. I would like it to open the connection (to see if it is still valid) and then pass this connection reference to the main client code to spawn a new connection manager. This avoids locking up the main Client code with an ish timeout if the 'new' server does not really accept connections.

    The problem is that if the connection manager that opened the connection to the 'new' server is stopped, then it seems to destroy the reference it opened. This means that the other connection manager that has been happily chatting with the 'new' server has its TCP communications closed (I get an error code 1 on a write).

    I created an example to illustrate the issue which should be used as follows:

    1. Run server.vi - it will listen for a connection on the specified port on its comics.

    2. Run Launcher.vi CH - it will open a connection to the server and pass the TCP reference to an instance of connection Handler.vi, which it starts.

    3. The connection manager needs to send data to the server.

    4. Stop the Launcher.vi CH.

    5. The connection Handler.vi will error.

    Any suggestion would be appreciated.

    See you soon

    John

    Do not perform the opening and closing of the TCP connection in the subVI. Do this in the main VI.

  • Error of TCP connection when sending MODBUS for WAGO controller 750-881 orders after 113655 bytes of data have been sent

    Hi all

    I'm new in the world of labview and trying to build a VI that sends commands to a controller of the WAGO 750-881 at regular intervals of 10 ms.

    To set each of the WAGO comics at the same time, I try to send the Modbus fc15 command every 10 ms using the LabVIEW standard TCP write module.

    When I run the VI it works for about a minute before I receive an error 56 message telling me the TCP connection has timed out. Thinking this strange, I decided to record the number of bytes sent via the TCP connection while running the program. In doing so, I noticed that the link broke after exactly 113655 bytes of data had been sent each time.

    Thinking I might have sent too many messages, I increased the loop delay from 10 ms to 20, 100 and 200 ms, but the error remained. I also tried to play with the TCP connection timeout and the TCP write timeout, but none of these had any effect on the problem.

    I do not see why this error occurs, as the program works perfectly up until the 113655-byte mark.

    I've attached a screenshot of the base VI (simply showing a MODBUS command sent every second) and a more advanced VI (where I am able to control each of the WAGO manually by setting a frequency at which the DO is to switch between ON and OFF).

    If anyone has any ideas on where the problems lie, or that I could do to debug more program this would be greatly appreciated.

    AvdLinden wrote:

    Hi ThiCop,

    Yes, the error occurs after exactly 113655 bytes each time. The time-out value I would like to use is 10 ms, but even raising it to 1 s or 10 s does not remove the error, which leads me to believe that's not the issue (as well, not adding any delay in the while loop, so letting it run at maximum speed, showed that the TCP connection is able to send all 113655 bytes in less than 3 seconds, again suggesting that the time-out control is not the issue here).

    I tried Marco's suggestion but am having difficulty translating the returned string into a readable string (right now the answer given is "-# +" ' ").

    As for your second suggestion, I've implemented something similar, where I created a sub VI to establish a TCP connection, send a message and then close the connection. I now have to build each message and then send the string to the subVI, which sends the command to my application successfully. While not the most elegant method to solve the problem, it solves the time-out problem, which means that I am able to send as many commands as I want. So in this sense, the problem has been resolved.

    If you have advice on how to properly read the TCP Read output, I would however like to see if I could get my first program to work, because it is slightly more robust in terms of timing.

    MODBUS RTU TCP is a binary protocol, as you show in your base VI, where you build the data stream using byte values. So you have to interpret the returned answer accordingly, with the Modbus RTU spec in hand. Now what is probably happening is that the connection hangs after a while because you do NOT read the data the device sends in response to your commands. The TCP/IP stack buffers these bytes, at a certain point the internal buffers overflow, and the connection is blocked by the stack. So adding a TCP Read at strategic locations (usually after each write) is the right solution for this. Is there any reason that you do not use the PROVIDED Modbus TCP library?

  • Why the customer does not receive the 1 d array sent by the server via a TCP connection?

    I have attached 3 VIs:

    1 PC.vi (server)

    2 xbee.vi (client)

    3 CreateSetupPacket.vi (it generates a table of numeric values)

    #1 is executed first, followed by #2.

    #2 attempts to initiate a TCP connection to #1.  As soon as #1 detects it, a "login ID" is created.

    #1 tries to send a 'setup' packet to #2 by constructing a table.

    The problem is that the xbee client VI gets 0 bytes or an empty string "" back.  What am I missing?

    Note that I was running the two VI on the same PC.  And it worked because the IP addresses were set to localhost.

    I don't know if a Windows Firewall affect TCP/IP communication in the same PC.  It is possible, I don't know.

    Firewalls can certainly affect communication between different PCs, whether it is a firewall in the routers on the network or the Windows Firewall.  It is therefore useful to check in one more.  But as you say, I see nothing wrong with the code.

  • How to pass the ID of TCP connection in Secondary VI

    Hello

    I'm trying to pass a TCP connection ID into a secondary VI, but was not successful.

    Here's the function I used:

    I managed to pass other control values into the VI but not the TCP conn ID.

    Are there restrictions or other ways that I should do?

    Best regards

    Ken

    Hi Ken,

    Is "reference" a TCP connection ID? If so, the reference directly to the Ctrl Val.Set phone invoke node. No property value of the reference needed.

    It really works with connection TCP IDs.

    Hope this helps,

    Daniel

  • Windows Server 2008 R2 rejects all incoming TCP connections

    I am unable to connect via http, for example to a brand new installation of 64-bit Windows Server 2008. The server is in a domain, but is not a domain controller (which is another problem altogether).

    A specific example, IIS7 is running on the server and the site is accessible locally via http://localhost, but when I try to connect from another machine on the same subnet, the connection is denied, even if the Windows Firewall is disabled in all profiles.

    I am able to connect to and browse shared folders on the server by using Windows Explorer, so it is not a user account or physical connection problem. I can ping other machines on the network from the server, but trying to ping the server from another machine gives "Destination host unreachable".

    I have determined that the server simply refuses TCP connections from any other machine. I think there must be some other configuration setting I'm missing...

    In the Network and Sharing Center, I see that my connection type is 'Internet', which may very well be the problem, but I have no way to change that.

    Help, please!

    Hello

    You can find the Server forums on TechNet support, please create a new post at the following link:

    http://social.technet.Microsoft.com/forums/en/category/WindowsServer/

  • Modbus/TCP connection to the controller of power Eurotherm EPack

    There are examples of how to connect to a power controller Eurotherm EPack a modbus/TCP connection?

    I downloaded the Modbus LabVIEW ni_lib_modbus_library library - 1.1.3.32.vip and installed using VIPM.

    However, I am not familiar with the Modbus protocol and terminology such as coils and holding registers.

    I can't even properly run examples for Modbus master and slave to this library :-(

    Most important for me now is just to read the value of the artwork process.

    "ITools" Eurotherm controller software provides information about something I think are an address of memory the value of process I want to read.

    However, I have no idea how to set the various parameters to get successfully connect and read the value of the process.

    Trying to solve my problem, I managed to have basic communication and engineering data conversion.

    Now I can read values of process as the power line frequency, voltage and others.

    Once you know, it's very simple (once you have the modbus library)

    Some things that remain unclear:

    -What values are 32-bit and 16-bit?

    -is the method of addressing identical for all parameters?

    -is it the same for reading and writing?

    I would like to be able to write the target value, for example.

    I'll contact the seller about these outstanding issues. The manual is not really clear (at least not for me). It mentions that some values may be treated differently (they are 16 bits, but scaled, so 5001 with a scale factor of 100 actually means 50.01, for example).

    See the attachment for reading cover base.
