this message is logged when the PIX Firewall discards a packet with an invalid source address. Invalid sources addresses are those addresses belonging to the following:
Loopback network (127.0.0.0)
Broadcast (limited, net-directed, subnet-directed, and all-subnets-directed)
The destination host (land.c)
Try putting a sniffer in front of the pix and look for packets coming from 127.0.0.1. If you see that kind of packets, try to determine the MAC address of the packets. Using the MAC address you can determine the pc that is sending the packets.
Yes, this is correct, the MAC-address you will see when using a sniffer is the MAC-address of the last layer-3 device the IP-packet passes. Since this is your border router, it seems that your border router is passing traffic that uses the loopback address as source address 127.0.0.1
The one sending the packet obviously resides behing your router (from PIX point of view), so, you would have to snif in front of your router to see the MAC-address of the device sending the packets.
Bytheway, this kind of suspicious traffic usely is an indication that clients are infected with some kind of worm and trying to explore the network. So, checking for the known worms on the client would be your next step when you discovered the one sending it.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :