Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
203
Views
0
Helpful
1
Replies

Understanding PIX logs

admin_2
Level 3
Level 3

‎03-23-2004 06:07 AM - edited ‎02-20-2020 11:18 PM

I am not sure if this is were I need to put this conversation....

I have been running a PIX for about a year now and have just started seeing lines in the log that I am not sure what it is saying. It looks like a IP address on the internet is connecting UDP to a server inside the firewall. Am I reading this right?

Here is a copy of the line:

2004-03-23 07:56:20 Local4.Info xxx.xxx.xxx.x %PIX-6-302015: Built outbound UDP connection 7050692 for outside:219.137.188.74 (Unresolved) /137 (219.137.188.74 (Unresolved) /137) to inside:xxx.xxx.xxx.xx (ps-syslog) /137 (xxx.xxx.xxx.xx (ps-syslog) /137)

I am not sure if this is a problem of not. I think I am confused on the word "outbound" here. Could anyone rest my worries on this?

Thanks

John

(I have removed my IP info for my security as anyone could see this post)

0 Helpful
1 Reply 1

gfullage
Cisco Employee
Cisco Employee

‎03-23-2004 05:46 PM

"Outbound" refers to traffic flowing from any higher-security interface (inside) to any lower security interface (outside).

The above message means your inside host initiated a connection to 219.137.188.74 on port 137, using a source port of 137.

For an explanation of all syslog messages, use this link (note the above message is number 302015, so search accordingly):

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/63syslog/pixemsgs.htm

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card