- Silver, 250 points or more
i activated syslog in my PIX.
i am receiving many syslog msg in this format:
deny tcp source outside:PBIP/80 dest inside:MyPBIP/rndport
where PBIP is a public IP and MyPBIP is the public IP of my external interface in PIX.
they seems to be like data packets coming from web servers. they should pass and come to internal clients.
some PBIP belong to yahoo or google, so they do noy seems to be like an attack if we are sure they r not spoofed.
but why pix drops this packets? do they arrive late so it considers them out of connection?
any comment? thanks