packets to blocked by firewall

Unanswered Question
Oct 7th, 2009
User Badges:


I am seeing quite a few of the following denied message logs:

Deny udp src inside: dst outside: by access-group "inside_access_in" is a well known address. Why would a machine be trying to send to that address?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ahassiotis1 Mon, 10/12/2009 - 01:31
User Badges:


It's obvious that this address is not routed.

If you are putting any comments please put technical details in.

The comment "it means you are being attacked" is wrong and not very usefull.

What I have discovered since posting this, is that since we have several domain controllers some of them over site to site VPNs and that since any of them can be used for authentication of a machine entering the network (and for DHCP), some machines on the local network will request authentication from the DC at the remote site ( In this case the packet arrives at the firewall and is being dropped there.



This Discussion