Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Understanding PIX logs

I am not sure if this is were I need to put this conversation....

I have been running a PIX for about a year now and have just started seeing lines in the log that I am not sure what it is saying. It looks like a IP address on the internet is connecting UDP to a server inside the firewall. Am I reading this right?

Here is a copy of the line:

2004-03-23 07:56:20 Local4.Info xxx.xxx.xxx.x %PIX-6-302015: Built outbound UDP connection 7050692 for outside:219.137.188.74 (Unresolved) /137 (219.137.188.74 (Unresolved) /137) to inside:xxx.xxx.xxx.xx (ps-syslog) /137 (xxx.xxx.xxx.xx (ps-syslog) /137)

I am not sure if this is a problem of not. I think I am confused on the word "outbound" here. Could anyone rest my worries on this?

Thanks

John

(I have removed my IP info for my security as anyone could see this post)

1 REPLY
Cisco Employee

Re: Understanding PIX logs

"Outbound" refers to traffic flowing from any higher-security interface (inside) to any lower security interface (outside).

The above message means your inside host initiated a connection to 219.137.188.74 on port 137, using a source port of 137.

For an explanation of all syslog messages, use this link (note the above message is number 302015, so search accordingly):

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/63syslog/pixemsgs.htm

83
Views
0
Helpful
1
Replies
CreatePlease to create content