Wondering if anyone has run into this before on their PIX firewalls. Our VPN users use a Windows 2000 VPN system. Our syslogs are overrun with errors similar to the following:
No translation group found for udp src dmz:10.1.3.6/2803 dst outside:22.214.171.124/53
In this case, 10.1.3.6 represents a VPN client and from these logs it appears they are trying to reach their ISP's DNS server. What seems to happen is that 10-14 of these errors will appear in a 10-20 sec interval of time and then they will keep reoccurring every 5, 10, 20 mins.
Under the VPN profile, we can deselect the option of "use default gateway on remote network", which will force the VPN clients to send these DNS requests over their ISP's network. This is a band-aid for the problem, because we are not getting to the root of the problem of where these DNS requests are coming from. Also, by deselecting this option, it can lead to potential security problems in itself.
Any idea what could be causing so many DNS requests from these clients?
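
One way to see which clients and destinations account for these messages, and how they cluster in time, is to tally them from the syslog file. This Python sketch is an added example, not part of the original post; the timestamp prefix, every sample line other than the one quoted above, and the 20-second burst gap are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample; the "Mon DD HH:MM:SS" prefix is an assumed syslog layout.
MSG = "No translation group found for udp src dmz:"
SAMPLE = f"""\
Mar 10 09:00:01 {MSG}10.1.3.6/2803 dst outside:22.214.171.124/53
Mar 10 09:00:03 {MSG}10.1.3.6/2804 dst outside:22.214.171.124/53
Mar 10 09:00:08 {MSG}10.1.3.6/2805 dst outside:22.214.171.124/53
Mar 10 09:01:00 {MSG}10.1.3.9/1190 dst outside:192.0.2.53/53
Mar 10 09:02:00 some unrelated syslog message
Mar 10 09:05:02 {MSG}10.1.3.6/2811 dst outside:22.214.171.124/53
Mar 10 09:05:04 {MSG}10.1.3.6/2812 dst outside:22.214.171.124/53
"""

LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) .*?No translation group found for "
    r"(?P<proto>\w+) src (?P<sif>\w+):(?P<sip>[\d.]+)/(?P<sport>\d+) "
    r"dst (?P<dif>\w+):(?P<dip>[\d.]+)/(?P<dport>\d+)")

def summarize(text, gap=20):
    """Group matching messages by source IP and split them into bursts."""
    events = defaultdict(list)
    for line in text.splitlines():
        m = LINE.match(line)
        if m:  # the log carries no year, so a fixed one is used for parsing
            ts = datetime.strptime("2000 " + m["ts"], "%Y %b %d %H:%M:%S")
            events[m["sip"]].append((ts, f'{m["dip"]}/{m["dport"]}/{m["proto"]}'))
    report = {}
    for src, evs in events.items():
        evs.sort()
        bursts = [[evs[0][0]]]
        for (prev, _), (cur, _) in zip(evs, evs[1:]):
            if (cur - prev).total_seconds() <= gap:
                bursts[-1].append(cur)   # same burst: gap is small enough
            else:
                bursts.append([cur])     # quiet period: start a new burst
        report[src] = {
            "total": len(evs),
            "destinations": sorted({d for _, d in evs}),
            "burst_sizes": [len(b) for b in bursts],
            "minutes_between_bursts": [round((b[0] - a[0]).total_seconds() / 60)
                                       for a, b in zip(bursts, bursts[1:])],
        }
    return report

if __name__ == "__main__":
    for src, info in summarize(SAMPLE).items():
        print(src, info)
```

Regular spacing between bursts from one client points at something running on a timer on that machine, and the destination list shows whether the queries go to one resolver or several.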