Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
243
Views
0
Helpful
1
Replies

PIX syslog showing bunches of port 110 being blocked

timm.benkula
Level 1
Level 1

‎03-03-2004 03:01 PM - edited ‎02-20-2020 11:16 PM

I have a PIX 515e running ver 6.3(3) and the syslog shows bunches(thousands a day) messages similar to this:

Mar 02 2004 00:21:40: %PIX-4-106023: Deny tcp src outside:X.X.X.X/110 dst inside:Y.Y.Y.Y/40713 by access-group "outside_access_in"

X.X.X.X is our mail server that is hosted elsewhere. Why is it blocking POP messages? No one is having any trouble receiving mail.

TIA

Timm

0 Helpful
1 Reply 1

laje
Level 1
Level 1

‎03-03-2004 03:24 PM

%PIX-4-106023: Deny protocol src [inbound-interface]:[src_address/src_port] dst outbound-interface:dst_address/dst_port [type {type}, code {code}] by access_group access-list-name

Explanation An IP packet was denied by the access-list.

Action Change permission of access-list if a permit policy is desired. If messages persist from the same source address, messages could indicate a foot printing or port scanning attempt. Contact the remote host administrator.

The above explanation should help. Feel free to attach ur PIX config so I can look into it in more detail.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card