Forum Discussion
HI Sunil
It seems the f5 vip I would assume is 14.143.140.54 is responding to syn message from the client as you can see below, then your external client is sending a connection reset. You say on the external client packet capture you just see the syn message out, if you dont see the syn ack from the vip or from this ip 14.143.140.54 then it most likely a routing issue or an upstream firewall blocking the connection.
CLIENT SYN capture size 65535 bytes 13:38:34.941681 IP (tos 0x68, ttl 118, id 16746, offset 0, flags [DF], proto TCP (6), length 52) 223.228.180.23.47419 > 14.143.140.54.3389: Flags [S], cksum 0xfa04 (correct)
SERVER ACK 13:38:34.942199 IP (tos 0x0, ttl 128, id 14983, offset 0, flags [DF], proto TCP (6), length 48) 14.143.140.54.3389 > 223.228.180.23.47419: Flags [S.]
RESET FROM CLIENT
cksum 0x1390 (correct), seq 4237623524, ack 3437007771, win 8192, options [nop,wscale 8,nop,nop,sackOK], length 0 in slot1/tmm2 lis= 13:38:37.853128 IP (tos 0x0, ttl 255, id 19741, offset 0, flags [DF], proto TCP (6), length 40) 223.228.180.23.47419 > 14.143.140.54.3389: Flags [R.], cksum 0x2edc (incorrect -> 0x5ca3), seq 1, ack 1, win 0, length 0 out slot1/tmm2 lis=
Question 1: firewall default gateway is F5.
Question 2: for the outbound traffic we the default VIP 0.0.0.0/0.
Testing the icmpnis working from the external client. But when we are trying to for the RDP connection we the connection reset from the external client.