08-08-2019 05:44 AM - edited 02-21-2020 09:22 AM
Greetings,
While I was checking the log of our ASA I found error messages like:
No matching connection for ICMP error message: icmp src insideNet:x.x.x.172 dst outside:8.8.8.8 (type 3, code 3) on insideNet interface. Original IP payload: udp src 8.8.8.8/53 dst x.x.x.172/59995.
They come in groups of 3-5, every few seconds, all apparently DNS lookups but always from the same host. Before we pull the user over I was wondering if it could be something benign.
08-09-2019 07:45 AM
This is not a DNS request althought it is destined for Googles DNS address,
ICMP is essentially a Ping,
Here is some info on the types of ICMP messages involved.
Rate if you found this helpfull.
Steven
08-12-2019 05:08 AM
Sorry, not helpfull. I do know what a ping is. Also the error message is not caused by a ping from the inside because then there would be matching connection.
I found one related question:
Unfortunately I cannot access the upstream router as it belongs to our ISP.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide