I have noticed since this morning in my PIX 515E a lot of unknown udp connections with D flag (750 - 800 connections). These connections are from my ISA global IP Address to three global IP Addresses 188.8.131.52, 184.108.40.206 & 220.127.116.11. All of these connections have source port 3188. does anyone know any relevant issue?
The number of the relevant connections get raised continuously. This is the first time since 3 years that i have too many connections like these to DNS Servers. In addition i have configured the ISA's network properties with another DNS IP Addresses. And of course i believe that it is not uncommon all of these connections start with the same source udp port. And something more: why the replies of these dns connections have source port other from udp 53?
Is there any way to control these connections from PIX?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...