Forum Discussion
HI Sunil
It seems the f5 vip I would assume is 14.143.140.54 is responding to syn message from the client as you can see below, then your external client is sending a connection reset. You say on the external client packet capture you just see the syn message out, if you dont see the syn ack from the vip or from this ip 14.143.140.54 then it most likely a routing issue or an upstream firewall blocking the connection.
CLIENT SYN capture size 65535 bytes 13:38:34.941681 IP (tos 0x68, ttl 118, id 16746, offset 0, flags [DF], proto TCP (6), length 52) 223.228.180.23.47419 > 14.143.140.54.3389: Flags [S], cksum 0xfa04 (correct)
SERVER ACK 13:38:34.942199 IP (tos 0x0, ttl 128, id 14983, offset 0, flags [DF], proto TCP (6), length 48) 14.143.140.54.3389 > 223.228.180.23.47419: Flags [S.]
RESET FROM CLIENT
cksum 0x1390 (correct), seq 4237623524, ack 3437007771, win 8192, options [nop,wscale 8,nop,nop,sackOK], length 0 in slot1/tmm2 lis= 13:38:37.853128 IP (tos 0x0, ttl 255, id 19741, offset 0, flags [DF], proto TCP (6), length 40) 223.228.180.23.47419 > 14.143.140.54.3389: Flags [R.], cksum 0x2edc (incorrect -> 0x5ca3), seq 1, ack 1, win 0, length 0 out slot1/tmm2 lis=
Thanks for the Diagram, lets take it a step back now
client ip X.X.X.X destination 14.143.140.54.3389 question is the destination ip 14.143.140.54 a nat ip configured on the firewall that nat's the inbound connection to 14.143.140.54 to the server 192.168.10.10/24 ?
by the looks of your diagram the default gateway is the f5 question if this is the case does the f5 have a forward ip virtual server configuration ? to allow the firewall outbound connection to the routers