Checked the server internally and it works, so I can rule that problem out. From the sniffer, it looks like the firewall (208.72.XXX.1) is sending the FIN, ACK first and the client is responding.
I removed changed the virtual port on the VIP config to port 80 and moved the web ui port to another. When I did this, I was able to access the internal web server from outside using port 80. I changed back the virtual port to 90 and ran the snoop commands.
Still no success accessing the webserver using port 90. Below is the results of a snoop session.
SSG-cluster1:Grenada-SSG-1(M)-> get db str
7017884.0: ethernet1/0(i) len=66:001db5a7c3f0->0010dbff2083/0800
63.245.XXX.96 -> 208.72.XXX.1/6
vhl=45, tos=00, id=8744, frag=4000, ttl=125 tlen=52
tcp:ports 61892->90, seq=2073735551, ack=0, flag=8002/SYN
7017884.0: ethernet1/3(i) len=70:00105a1461fc->0010dbff20b3/8100/0800, tag 6
172.16.6.26 -> 63.245.XXX.96/6
vhl=45, tos=00, id=0, frag=4000, ttl=64 tlen=52
tcp:ports 80->61892, seq=2186208781, ack=2073735552, flag=8012/SYN/ACK
7017884.0: ethernet1/0(i) len=60:001db5a7c3f0->0010dbff2083/0800
63.245.XXX.96 -> 208.72.XXX.1/6
vhl=45, tos=00, id=8745, frag=4000, ttl=125 tlen=40
tcp:ports 61892->90, seq=2073735552, ack=2186208782, flag=5010/ACK
7017884.0: ethernet1/0(i) len=446:001db5a7c3f0->0010dbff2083/0800
63.245.XXX.96 -> 208.72.XXX.1/6
vhl=45, tos=00, id=8746, frag=4000, ttl=125 tlen=432
tcp:ports 61892->90, seq=2073735552, ack=2186208782, flag=5018/ACK
7017884.0: ethernet1/3(i) len=64:00105a1461fc->0010dbff20b3/8100/0800, tag 6
172.16.6.26 -> 63.245.XXX.96/6
vhl=45, tos=00, id=44393, frag=4000, ttl=64 tlen=40
tcp:ports 80->61892, seq=2186208782, ack=2073735944, flag=5010/ACK
7017885.0: ethernet1/3(i) len=483:00105a1461fc->0010dbff20b3/8100/0800, tag 6
172.16.6.26 -> 63.245.XXX.96/6
vhl=45, tos=00, id=44394, frag=4000, ttl=64 tlen=465
tcp:ports 80->61892, seq=2186208782, ack=2073735944, flag=5018/ACK
7017885.0: ethernet1/0(i) len=66:001db5a7c3f0->0010dbff2083/0800
63.245.XXX.96 -> 208.72.XXX.1/6
vhl=45, tos=00, id=8747, frag=4000, ttl=125 tlen=52
tcp:ports 61893->80, seq=2602272337, ack=0, flag=8002/SYN
7017886.0: ethernet1/0(i) len=60:001db5a7c3f0->0010dbff2083/0800
63.245.XXX.96 -> 208.72.XXX.1/6
vhl=45, tos=00, id=8748, frag=4000, ttl=125 tlen=40
tcp:ports 61892->90, seq=2073735944, ack=2186209207, flag=5010/ACK
7017888.0: ethernet1/0(i) len=66:001db5a7c3f0->0010dbff2083/0800
63.245.XXX.96 -> 208.72.XXX.1/6
vhl=45, tos=00, id=8749, frag=4000, ttl=125 tlen=52
tcp:ports 61893->80, seq=2602272337, ack=0, flag=8002/SYN
7017894.0: ethernet1/0(i) len=62:001db5a7c3f0->0010dbff2083/0800
63.245.XXX.96 -> 208.72.XXX.1/6
vhl=45, tos=00, id=8750, frag=4000, ttl=125 tlen=48
tcp:ports 61893->80, seq=2602272337, ack=0, flag=7002/SYN
7017900.0: ethernet1/3(i) len=64:00105a1461fc->0010dbff20b3/8100/0800, tag 6
172.16.6.26 -> 63.245.XXX.96/6
vhl=45, tos=00, id=44395, frag=4000, ttl=64 tlen=40
tcp:ports 80->61892, seq=2186209207, ack=2073735944, flag=5011/FIN/ACK
7017900.0: ethernet1/0(i) len=60:001db5a7c3f0->0010dbff2083/0800
63.245.XXX.96 -> 208.72.XXX.1/6
vhl=45, tos=00, id=8751, frag=4000, ttl=125 tlen=40
tcp:ports 61892->90, seq=2073735944, ack=2186209208, flag=5010/ACK
7017902.0: ethernet1/0(i) len=60:001db5a7c3f0->0010dbff2083/0800
63.245.XXX.96 -> 208.72.XXX.1/6
vhl=45, tos=00, id=8752, frag=4000, ttl=125 tlen=40
tcp:ports 61892->90, seq=2073735944, ack=2186209208, flag=5011/FIN/ACK
7017902.0: ethernet1/3(i) len=64:00105a1461fc->0010dbff20b3/8100/0800, tag 6
172.16.6.26 -> 63.245.XXX.96/6
vhl=45, tos=00, id=44396, frag=4000, ttl=64 tlen=40
tcp:ports 80->61892, seq=2186209208, ack=2073735945, flag=5010/ACK
Message Edited by maclan13 on 02-08-2009 01:22 PM