Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Packets with foreign destination and source hitting firewall.

Can someone explain this syslog entry? Both of these addresses are foreign to my network. Why would my firewall get a packet destined for 143.166.83.205 when that isn't within our public address range? In fact, how did this packet get past our router, which sits in front of the firewall? Again, neither of these addresses are within our network.

%PIX-3-106011: Deny inbound (No xlate) tcp src outside:12.81.212.97/1066 dst outside:143.166.83.205/80

thnx in advance for any insight....

1 REPLY

Re: Packets with foreign destination and source hitting firewall

Hi,

there are two possible ways why the packets reach your firewall:

- misconfiguration by your provider

- use of IP options in the header of the IP packets. You can specify in the IP header which path (which routers) the packet should use to reach it's final destination. This is used in some kind of attacks that use IP Spoofing.

Kind Regards,

Tom

90
Views
5
Helpful
1
Replies