Help with "sho conn" flag (PIX 7.x)

Hello,

I'm hoping someone here can help me figure what might be happening here.
Source folks initiate a telnet session and they're saying they see the
packets go out on their FW, but unable to make a connection. On my FW, I do
a "sho conn", and I see the connection but it shows a "UB" flag.

The command reference guide shows:

U : Up
B : initial SYN from outside

Could someone help me determine what this might mean?

Thanks!

Re: Help with "sho conn" flag (PIX 7.x)

"Jon Doe" wrote in message
news:eoSdnX9Us8-KpWrYnZ2dnUVZ_g6dnZ2d@comcast.com...
>
> Hello,
>
> I'm hoping someone here can help me figure what might be happening here.
> Source folks initiate a telnet session and they're saying they see the
> packets go out on their FW, but unable to make a connection. On my FW, I
> do a "sho conn", and I see the connection but it shows a "UB" flag.
>
> The command reference guide shows:
>
> U : Up
> B : initial SYN from outside
>
> Could someone help me determine what this might mean?
>
> Thanks!

If you are seeing the connection on your firewall then it looks good. Try
snooping the traffic on the server that they are telneting to. Can that
server reply to the host? Does it have it's default gateway set?

Chris.

Re: Help with "sho conn" flag (PIX 7.x)

chris wrote:

> If you are seeing the connection on your firewall then it looks good. Try
> snooping the traffic on the server that they are telneting to. Can that
> server reply to the host? Does it have it's default gateway set?

or a route back to the source?
do you have a route back to the server?
is the server replying to clients in its own LAN?


M