02-13-2009 07:50 AM - edited 03-11-2019 07:50 AM
I see a lot of these messages, maybe hundreds per minutes. I feel this is not normal, but can never find any convincing information either way. Can anyone elaborate?
02-13-2009 08:00 AM
Can you tell us what message ID is associated with what you're seeing?
http://www.cisco.com/en/US/docs/security/pix/pix63/system/message/pixemsgs.html
02-13-2009 08:03 AM
02-13-2009 08:16 AM
Is this firewall on your network perimeter? Are all of these messages being generated from the same source IP address? Same destination IP? Same source or destination port?
02-13-2009 08:28 AM
This is our perimeter which then interfaces another LAN. Another firewall is used at the internet perimeter. The addresses are not the same, although you see a cluster of denies (between 2 and 6 for each deny). We had an explicit deny any any log entry at the end of the outside rules. I just disabled this and noticed a significant drop in the logged traffic. I'm not sure this is just a band-aid to the real issue though.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide