Device Programmability

Hello Jan

The first thing you can do is to check if there are any access lists that are blocking the particular IP address or port. If not, you can then use syslog to see why the connection was refused. You can temporarily reduce the syslog severity to debug or informational and set the terminal monitor on so you can see the output in the CLI. Then try to log in and see the reason for the refusal.

The RST flag on the TCP packet does give us some clues, however. Barring any malicious attacks, there are two primary reasons why you would see an RST flag:

  • The packet is an initial SYN packet trying to establish a connection to a server port on which no process is listening.
  • The packet arrives on a TCP connection that was previously established, but the local application already closed its socket or exited and the OS closed the socket.

The most likely case is that the router is not listening on that port. If that is the case, make sure that NETCONF is enabled on the router.

I hope this has been helpful!

Laz
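
The following Python probe is an added example, not part of the reply above. It classifies one connection attempt into the cases the reply describes: an RST in answer to the SYN, an RST on an established connection, or no answer at all. The function name `probe`, the default port 830 (the standard NETCONF-over-SSH port, which the thread does not state) and the reading of a timeout as filtering are assumptions.

```python
import socket
import sys

# Assumption: NETCONF over SSH on its IANA-assigned port (RFC 6242).
NETCONF_SSH_PORT = 830


def probe(host, port=NETCONF_SSH_PORT, timeout=3.0):
    """Attempt one TCP connection and return (state, detail)."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        # RST in answer to our SYN: no process is listening on the port.
        return ("refused", "RST to SYN: no listener, check that NETCONF is enabled")
    except socket.timeout:
        # Assumption: silence usually means the SYN was dropped on the path.
        return ("filtered", "no reply to SYN: check access lists for this IP/port")
    except OSError as exc:
        return ("unreachable", f"{exc}: check routing and access lists")
    with sock:
        try:
            # An SSH server sends its identification string first.
            banner = sock.recv(64)
        except ConnectionResetError:
            # RST on an established connection: the far side closed its socket.
            return ("reset", "RST after handshake: see the device syslog for the reason")
        except socket.timeout:
            return ("open", "connected, but no banner within the timeout")
    if not banner:
        return ("closed", "peer closed the connection without sending data")
    if banner.startswith(b"SSH-"):
        return ("open", banner.split(b"\r\n")[0].decode(errors="replace"))
    return ("open", "listener answered, but not with an SSH banner")


if __name__ == "__main__":
    # 192.0.2.1 is a constructed documentation address, not a real device.
    target = sys.argv[1] if len(sys.argv) > 1 else "192.0.2.1"
    print(probe(target))
```

A `refused` result matches the "not listening" case, while `reset` after a successful handshake is the point at which the device syslog should show why the session was dropped.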