02-25-2003 06:02 AM - edited 03-09-2019 02:14 AM
hello,
i am having some odd errors in a pix 515e log that states:
"Deny inbound (No xlate) udp src outside:192.168.2.1/137 dst outside:192.168.2.255/137"
the 2.1 address is from the vpn remote address pool. so it looks like the remote address is try to do netbios to the broadcast address of the ip pool.
anyone know what i can do to fix the problem? it is an annoyance more than anything. call me crazy but i like to see few errors on the logs.
thanks as bunch
03-03-2003 01:06 PM
This message appears under normal conditions when internal users are using web browsers. It does not affect the performance however. Here's an extract from one of the documents on the error.
%PIX-7-106011: Deny inbound (No xlate) chars
Explanation : The message will appear under normal traffic conditions if there are internal users that are accessing the Internet via a web browser. Anytime a connection is reset, when the host at the end of the connection sends a packet after the PIX Firewall receives the reset, this message will appear. It can typically be ignored.
Action : Disable this syslog message from getting logged to the syslog server by entering the no logging message 106011 command.
For a detailed account of the interpretation of the error messages on a PIX, you could use the following document. I found it very useful and I hope it would clarify doubts regarding other error that you might see.
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_62/syslog/pixemsgs.htm
03-03-2003 01:29 PM
yes. this was quite helpful. thanks a bunch.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: