Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Syslog Messages %PIX-3-106011

I upgraded a PIX 515 from 5.1(4) to 6.0(1) and now I am seeing some strange syslog messages at the rate of about 200/hour. The message is as follows:

%PIX-3-106011: Deny inbound (No xlate) tcp src outside:216.52.4.52 (Unresolved) /80 dst outside:X.X.X.250 (test.mycompany.com) /7943

The test.mycompany.com host is my NAT address for inside. I am quessing that the xlate is timing out but I used to never get this message before I upgraded to PIX 6.0 and the xlate timeout is the same on the old version and the new version. Anyone have any ideas on why this message is bombing my syslog server.

2 REPLIES
New Member

Re: Syslog Messages %PIX-3-106011

If the log entry is similar to "PIX-3-106011: Deny inbound (No xlate) tcp src outside:x.x.x.x/2657 dst outside:y.y.y.y/80", you are dropping "CodeRed" packets.

Cisco advisory.

http://www.cisco.com/tac/newsflash/codered_secadvisory_08162001.html

New Member

Re: Syslog Messages %PIX-3-106011

Just wondering what if the message is the other way round ?

PIX-3-106011: Deny inbound (No xlate) tcp src outside:x.x.x.x/80 dst outside:y.y.y.y/2374

or when the port number are not 80 but others ?

Any idea on that ?

148
Views
0
Helpful
2
Replies
CreatePlease to create content