Thanks for the tips, Tom.
Here is the tcpdump -n output on the dmz computer - this gets repeated
several times as the remote computer attempts to connect:
18:11:54.264580 66.113.134.243.55080 > 192.168.2.1.8082: S
3210481212:3210481212(0) win 5840 <mss 1460,sackOK,timestamp 65650966
0,nop,wscale 0> (DF)
18:11:54.264696 192.168.2.1.8082 > 66.113.134.243.55080: S
2765561851:2765561851(0) ack 3210481213 win 16060 <mss 1460,sackOK,timestamp
8845122 65650966,nop,wscale 0> (DF)
18:11:55.336674 192.168.2.1.8082 > 66.113.134.243.55036: S
2746570128:2746570128(0) ack 3199662822 win 16060 <mss 1460,sackOK,timestamp
8845230 65648857,nop,wscale 0> (DF)
18:11:57.257425 66.113.134.243.55080 > 192.168.2.1.8082: S
3210481212:3210481212(0) win 5840 <mss 1460,sackOK,timestamp 65651266
0,nop,wscale 0> (DF)
18:11:57.257466 192.168.2.1.8082 > 66.113.134.243.55080: S
2765561851:2765561851(0) ack 3210481213 win 16060 <mss 1460,sackOK,timestamp
8845422 65650966,nop,wscale 0> (DF)
18:11:57.336673 192.168.2.1.8082 > 66.113.134.243.55080: S
2765561851:2765561851(0) ack 3210481213 win 16060 <mss 1460,sackOK,timestamp
8845430 65650966,nop,wscale 0> (DF)
Here is the tcpdump -n output on the firewall computer on eth2, which is the
dmz interface:
22:53:03.075498 66.113.134.243.54050 > 192.168.2.1.8082: S
2671448490:2671448490(0) win 5840 <mss 1460,sackOK,timestamp 65598444
0,nop,wscale 0> (DF)
22:53:03.076148 192.168.2.1.8082 > 66.113.134.243.54050: S
2211166562:2211166562(0) ack 2671448491 win 16060 <mss 1460,sackOK,timestamp
8792600 65598444,nop,wscale 0> (DF)
22:53:06.067528 66.113.134.243.54050 > 192.168.2.1.8082: S
2671448490:2671448490(0) win 5840 <mss 1460,sackOK,timestamp 65598744
0,nop,wscale 0> (DF)
22:53:06.067884 192.168.2.1.8082 > 66.113.134.243.54050: S
2211166562:2211166562(0) ack 2671448491 win 16060 <mss 1460,sackOK,timestamp
8792899 65598444,nop,wscale 0> (DF)
22:53:06.368703 192.168.2.1.8082 > 66.113.134.243.54050: S
2211166562:2211166562(0) ack 2671448491 win 16060 <mss 1460,sackOK,timestamp
8792930 65598444,nop,wscale 0> (DF)
22:53:12.068541 66.113.134.243.54050 > 192.168.2.1.8082: S
2671448490:2671448490(0) win 5840 <mss 1460,sackOK,timestamp 65599344
0,nop,wscale 0> (DF)
22:53:12.068899 192.168.2.1.8082 > 66.113.134.243.54050: S
2211166562:2211166562(0) ack 2671448491 win 16060 <mss 1460,sackOK,timestamp
8793499 65598444,nop,wscale 0> (DF)
22:53:12.869708 192.168.2.1.8082 > 66.113.134.243.54050: S
2211166562:2211166562(0) ack 2671448491 win 16060 <mss 1460,sackOK,timestamp
8793580 65598444,nop,wscale 0> (DF)
Finally, here is the tcpdump -n output on the firewall computer on eth0,
which is the external interface:
22:54:38.383115 68.232.139.98.80 > 66.113.134.243.54050: S
2211166562:2211166562(0) ack 2671448491 win 16060 <mss 1460,sackOK,timestamp
8802130 65598444,nop,wscale 0> (DF)
22:54:41.202241 66.113.134.243.54050> 68.232.139.98.80: S
2771835465:2771835465(0) win 5840 <mss 1460,sackOK,timestamp 65608256
0,nop,wscale 0> (DF)
22:54:41.202980 68.232.139.98.80 > 66.113.134.243.54050: S
2311317302:2311317302(0) ack 2771835466 win 16060 <mss 1460,sackOK,timestamp
8802411 65607356,nop,wscale 0> (DF)
22:54:41.883619 68.232.139.98.80 > 66.113.134.243.54050: S
2311317302:2311317302(0) ack 2771835466 win 16060 <mss 1460,sackOK,timestamp
8802480 65607356,nop,wscale 0> (DF)
Once again, any and all help is greatly appreciated...
-matt
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.732 / Virus Database: 486 - Release Date: 7/29/2004