08-03-2007 08:18 AM - edited 03-11-2019 03:53 AM
Hi,
I have a problem with a udp packet with source port 0.
It is a snmptrap packet:
Source port 0 and Destination pot 162
The pix 515 version 7 always blocks this packet with source port 0.
It is not an access-list who block it. The packet is block and the pix produce no log at all for this block.
Does anyone had experience this problem ?
And what is the solution ?
Thanks in advance
08-09-2007 10:14 AM
Dropping packets with UDP port 0 is normal behaviour because firewall products treat this as a security violation, and drop the packet. You may try to configure the traffic to use some other port or you may permit the UDP port 0 by applying an access-list.
08-16-2007 01:24 PM
Something like that happen to me in the past with OS 6.X with a Solaris box. When users try to established an Exceed session the PIX block the traffic. The X Windows use ports 0 and 1 for the displays. I had to call the TAC and it took 2 days to figure it out. The command that fix the problem was the established.
established command?This command allows return connections from a lower security host to a higher security host if there is already an established connection from the higher level host to the lower level host.
For same security interfaces, you can configure established commands for both directions.
This was the command I used:
established tcp 0 6000 permitto tcp 6000 permitfrom tcp 1024-65535
Still I don't know if it will resolve your issue because your traffic it's UDP.
Good Luck
HTH
08-17-2007 06:06 AM
I check and the established command supports udp. You can try this,
established udp 0 162 permitto udp snmptrap permitfrom udp 1024-65535
The caveat by using this command if I remember
right is that it will open those ports for any.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide