RE: Need to get application past firewall
- From: "Thomas W. Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 19 Feb 2002 23:40:29 -0600
Hi Brian,
A single frame isn't too helpful :-)
The packet filter and firewall logs would be a lot more helpful. Even
more helpful would be to tell where this site and application is so that
we can test it.
HTH<
Tom
www.isaserver.org/shinder
-----Original Message-----
From: brianh@xxxxxxxxxxxxxxxxxxx [mailto:brianh@xxxxxxxxxxxxxxxxxxx]
Sent: Tuesday, February 19, 2002 11:02 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Need to get application past firewall
http://www.ISAserver.org
Hello all,
I have a firewall setup doing nat with an outside static ip. I have
internet access and all seems ok except for one thing. We run one
application that connects to the internet to a server on port 2010 for
information and port 80 for images. I have not been able to get the
application to communicate through the firewall. I know of people
running
behind a nated router from there isp and all is ok. I see it logging in
the NT event log that it is dropping packets but nothing showes up in
the
ISA logs to indicate why they are being dropped? Bellow is a capture of
the packet leving the computer on the way to the firewall. I have
opened
up the firewall as far as I no how and still no luck. Help!!!
4 5.686987 LOCAL 00105A703632 TCP ....S., len: 0,
seq:1883033075-1883033075, ack: 0, win:16384, src: 2673
dst: 2010 BRIAN 63.89.49.205 IP
Frame: Base frame properties
Frame: Time of capture = 2/19/2002 20:50:30.627
Frame: Time delta from previous physical frame: 0 microseconds
Frame: Frame number: 4
Frame: Total frame length: 62 bytes
Frame: Capture frame length: 62 bytes
Frame: Frame data: Number of data bytes remaining = 62 (0x003E)
ETHERNET: ETYPE = 0x0800 : Protocol = IP: DOD Internet Protocol
ETHERNET: Destination address : 00105A703632
ETHERNET: .......0 = Individual address
ETHERNET: ......0. = Universally administered address
ETHERNET: Source address : 005004D4C31E
ETHERNET: .......0 = No routing information present
ETHERNET: ......0. = Universally administered address
ETHERNET: Frame Length : 62 (0x003E)
ETHERNET: Ethernet Type : 0x0800 (IP: DOD Internet Protocol)
ETHERNET: Ethernet Data: Number of data bytes remaining = 48
(0x0030)
IP: ID = 0xF1A1; Proto = TCP; Len: 48
IP: Version = 4 (0x4)
IP: Header Length = 20 (0x14)
IP: Precedence = Routine
IP: Type of Service = Normal Service
IP: Total Length = 48 (0x30)
IP: Identification = 61857 (0xF1A1)
IP: Flags Summary = 2 (0x2)
IP: .......0 = Last fragment in datagram
IP: ......1. = Cannot fragment datagram
IP: Fragment Offset = 0 (0x0) bytes
IP: Time to Live = 128 (0x80)
IP: Protocol = TCP - Transmission Control
IP: Checksum = ERROR: CheckSum is 0x0000, Should be 0xCD42
IP: Source Address = 192.168.10.21
IP: Destination Address = 63.89.49.205
IP: Data: Number of data bytes remaining = 28 (0x001C)
TCP: ....S., len: 0, seq:1883033075-1883033075, ack: 0,
win:16384, src: 2673 dst: 2010
TCP: Source Port = 0x0A71
TCP: Destination Port = 0x07DA
TCP: Sequence Number = 1883033075 (0x703CCDF3)
TCP: Acknowledgement Number = 0 (0x0)
TCP: Data Offset = 28 (0x1C)
TCP: Reserved = 0 (0x0000)
TCP: Flags = 0x02 : ....S.
TCP: ..0..... = No urgent data
TCP: ...0.... = Acknowledgement field not significant
TCP: ....0... = No Push function
TCP: .....0.. = No Reset
TCP: ......1. = Synchronize sequence numbers
TCP: .......0 = No Fin
TCP: Window = 16384 (0x4000)
TCP: Checksum = 0xB6C0
TCP: Urgent Pointer = 0 (0x0)
TCP: Options
TCP: Maximum Segment Size Option
TCP: Option Type = Maximum Segment Size
TCP: Option Length = 4 (0x4)
TCP: Maximum Segment Size = 1460 (0x5B4)
TCP: Option Nop = 1 (0x1)
TCP: Option Nop = 1 (0x1)
TCP: SACK Permitted Option
TCP: Option Type = Sack Permitted
TCP: Option Length = 2 (0x2)
00000: 00 10 5A 70 36 32 00 50 04 D4 C3 1E 08 00 45 00
..Zp62.P......E.
00010: 00 30 F1 A1 40 00 80 06 00 00 C0 A8 0A 15 3F 59
.0..@.........?Y
00020: 31 CD 0A 71 07 DA 70 3C CD F3 00 00 00 00 70 02
1..q..p<......p.
00030: 40 00 B6 C0 00 00 02 04 05 B4 01 01 04 02 @.............
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
