Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

System log messages PIX ver 7.0.4(9)

Anyone have a good link to sysylog messages for this version?

We are seeing some that don't show up in either the 7.0 or 7.1 documentation that I can find online.

They appear to be normal but are at the Warning severity level.

Cisco Employee

Re: System log messages PIX ver 7.0.4(9)

The syslog message documentation will not differ for an interim release, in fact we don't release documentation for interim releases. If you're seeing syslog messages that aren't in either the 7.0 or 7.1 documentation then we have a documentation bug that we'll need to fix.

Can you send me the syslog output (you can xxxx out any IP addresses, but please include the full syslog message), I'll open up a bug and have them included in the documentation. I'll also get back to you with their meaning.

New Member

Re: System log messages PIX ver 7.0.4(9)

Thanks for the help. The messages are included below. We had opened a TAC due to getting swamped with 419002 message and asked about these other two as well. Just got that reply this moring. Apparently these two already have bug reports opened but I found one bug-id to be invalid...

From Tac

"For syslog message 313005, CSCsd63452 was filed, and for syslog message 507002, CSCsc78010

was filed."


We were having a problem with our DNS server yesterday so that may be the root cause of the first one.

%PIX-4-313005: No matching connection for ICMP error message: icmp src resnete1:aaa.bbb.58.13 dst inside:Name_Server_1 (type 3, code 3) on resnete1 interface. Original IP payload: udp src Name_Server_1/53 dst aaa.bbb.58.13/3439.

%PIX-4-507002: Moving connection from resnete1:aaa.bbb.26.182/1111 to outside: to non-proxy mode - reassembly limit of 8192 bytes exceeded at location 2, reassembled length 8192 bytes.

This is the one we are getting swamped with but only from one portion of our network. It is documented but we weren't getting these before moving to this version.

%PIX-4-419002: Duplicate TCP SYN from resnete1:aaa.bbb.22.158/1632 to outside: with different initial sequence number

CreatePlease to create content