05-30-2003 05:37 AM - edited 02-20-2020 10:46 PM
I have copied the following ERROR messages collected by the syslog utility for pix 6.2.
I keep geeting them on a non-stop basis. Please help me interpret and rectify them.
May 29 2003 20:40:42: %PIX-3-305005: No translation group found for udp src outside:217.36.40.213/3038 dst inside:204.142.89.158/1434
May 29 2003 20:40:42: %PIX-3-305005: No translation group found for tcp src outside:63.139.133.200/2620 dst inside:198.138.22.134/445
Thanks!
05-30-2003 06:04 AM
Hello,
This is the answer from Cisco:
%PIX-3-305005 (x1): No translation group found for
Explanation: An outbound packet does not match any of the outbound nat rules.
Recommended Action: This message signals a configuration error. If dynamic NAT is desired for the source host, ensure that the nat command matches the source IP address. If static NAT is desired for the source host, ensure that the local IP address of the static command matches. If no NAT is desired for the source host, check the access-list bound to the nat 0 access-list.
I hope this is an answer to you
Greetings,
Rene
05-30-2003 06:21 AM
I am not able to follow your point very well. I am new to cisco and would appreciate some elaboration.
I have the following:
nat (inside) 0 0.0.0.0 0.0.0.0 0 0
nat (dmz:2) 0 0.0.0.0 0.0.0.0 0 0
And I do not have a nat 0 access-list.
05-30-2003 09:16 AM
HI.
Because the sources are from outsides, and the ports are common ports for attackes, It seems to me more like a "normal" port scan from external hosts, rather then a configuration error at your side.
Since these attempts are blocks, I don't think that you need to do much about it, unless you have some problem.
Yizhar
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide