08-27-2003 07:01 PM - edited 02-20-2020 10:57 PM
I use logging to a syslog server (logging trap 2). 168.168.44.1 is the IP address of the PIX (in the subnet there are 3 Unix servers and about 5-6 Windows workstations):
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 218.6.155.0 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 61.252.137.5 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 202.120.255.39 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 218.181.26.160 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 211.216.61.211 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 63.89.130.214 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 200.65.241.135 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 199.253.71.150 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 169.56.26.126 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 200.57.143.242 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 202.184.66.132 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 210.198.157.33 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 211.61.164.11 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 219.37.205.49 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 202.122.179.14 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 211.46.14.207 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 61.114.227.180 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 61.50.248.184 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 61.222.139.116 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 199.67.65.20 on interface outside
2003-08-25 11:28:33 local4.critical 168.168.44.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 210.103.157.235 on interface outside
08-28-2003 12:06 AM
Jeff,
Please read the following doc. This Cisco doc is for PIX 5.3 using conduits, but if you have access-lists then use ACLs to sort out your spoofing problem.
http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_v53/syslog/pixemsgs.htm#10506
Hope this helps - Jay
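An added example, not part of either post and not Cisco's code: one way to triage a burst of 106016 messages like the one quoted in the question. It groups events by claimed source and interface, counts distinct destinations and the per-second peak, and re-joins records that the syslog viewer wrapped onto a second line. The function names are hypothetical and the sample lines are constructed with documentation addresses.

```python
import re
from collections import Counter, defaultdict
# Layout used in the post: date time facility.severity reporter message
EVENT = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) \S+ \S+ "
    r"%pix-2-106016: deny ip spoof from \((?P<src>[\d.]+)\) "
    r"to (?P<dst>[\d.]+) on interface (?P<ifc>\S+)$",
    re.IGNORECASE,
)
NEW_RECORD = re.compile(r"^\d{4}-\d{2}-\d{2} ")

def rejoin_wrapped(lines):
    """Glue continuation lines (no leading date) back onto their record."""
    records = []
    for line in filter(None, (l.strip() for l in lines)):
        if NEW_RECORD.match(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records

def summarize(lines):
    """Group 106016 events by (claimed source, interface)."""
    groups = defaultdict(lambda: {"dsts": set(), "per_second": Counter()})
    unparsed = []
    for rec in rejoin_wrapped(lines):
        m = EVENT.match(rec)
        if not m:
            unparsed.append(rec)  # other message IDs or damaged lines
            continue
        g = groups[(m["src"], m["ifc"])]
        g["dsts"].add(m["dst"])
        g["per_second"][m["ts"]] += 1
    report = {
        key: {"events": sum(g["per_second"].values()),
              "distinct_dsts": len(g["dsts"]),
              "peak_per_second": max(g["per_second"].values())}
        for key, g in groups.items()
    }
    return report, unparsed

# Constructed sample (documentation addresses); the second record is wrapped.
SAMPLE = """\
2003-08-25 11:28:33 local4.critical 192.0.2.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 198.51.100.7 on interface outside
2003-08-25 11:28:33 local4.critical 192.0.2.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 198.51.100.9 on interface
outside
2003-08-25 11:28:34 local4.critical 192.0.2.1 %pix-2-106016: deny ip spoof from (0.0.0.0) to 203.0.113.20 on interface outside
2003-08-25 11:28:35 local4.notice 192.0.2.1 %pix-0-000000: constructed placeholder message
"""
```

Call `summarize(SAMPLE.splitlines())`, or pass it the lines of a saved syslog file in the same layout; anything it cannot parse is returned in the second value for manual review.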