07-29-2005 12:16 PM - edited 02-21-2020 12:18 AM
Our Pix 535 goes into an error state either when it gets very busy or when the router goes down that is its next hop to its inside routes. Here is what it logs:
"106011: Deny inbound (No xlate) udp src inside:172.31.0.3/514 dst inside:10.10.8.233/514"
The first IP is its own inside interface address. The second is the syslog server. I have seen similar messages posted from others when they have internal routing problems, but the source is never the Pix inside address. Any info on what may cause this message would be helpful.
08-05-2005 05:05 AM
Did you try to allow that IP with either a conduit permit or in the access list? PIX denies all the traffic by default.
08-05-2005 06:58 AM
I think you should use the clear xlate command.
08-05-2005 07:28 AM
Are you logging via tcp or udp? If you have your logging set to a syslog server using tcp, and that server is unavailable for any reason, the PIX will stop forwarding traffic.
08-05-2005 08:58 AM
This is what the Cisco website says:
Error Message: %PIX-3-106011: Deny inbound (No xlate) chars
Explanation: The message will appear under normal traffic conditions if there are internal users that are accessing the Internet via a web browser. Anytime a connection is reset, when the host at the end of the connection sends a packet after the PIX Firewall receives the reset, this message will appear. It can typically be ignored.
Recommended Action: Disable this syslog message from getting logged to the syslog server by entering the no logging message 106011 command.
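One way to separate the 106011 entries whose source is the firewall's own address (the case in the first post) from the routine ones the quoted Cisco text says can be ignored, added here as an example that is not part of the thread. It parses the line format shown in the first post; the function names, the set of firewall addresses, and every sample line except the first are constructed for illustration.

```python
import re
from collections import Counter

# Field layout taken from the log line quoted in the first post.
PATTERN = re.compile(
    r"106011: Deny inbound \(No xlate\) (?P<proto>\S+) "
    r"src (?P<src_if>[^:\s]+):(?P<src_ip>[\d.]+)/(?P<src_port>\d+) "
    r"dst (?P<dst_if>[^:\s]+):(?P<dst_ip>[\d.]+)/(?P<dst_port>\d+)"
)

def parse_106011(line):
    """Return the fields of a 106011 line as a dict, or None if it is another message."""
    m = PATTERN.search(line)
    if m is None:
        return None
    event = m.groupdict()
    event["src_port"] = int(event["src_port"])
    event["dst_port"] = int(event["dst_port"])
    return event

def classify(event, firewall_ips):
    """Label an event; firewall_ips is the (assumed) set of the firewall's own addresses."""
    if event["src_ip"] in firewall_ips:
        return "self-sourced"      # firewall's own traffic denied, as in the first post
    if event["src_if"] == event["dst_if"]:
        return "same-interface"    # packet would leave by the interface it arrived on
    return "other"

def triage(lines, firewall_ips):
    """Count 106011 events per label, skipping lines that are not 106011."""
    counts = Counter()
    for line in lines:
        event = parse_106011(line)
        if event is not None:
            counts[classify(event, firewall_ips)] += 1
    return counts

SAMPLE = [
    # From the first post:
    "106011: Deny inbound (No xlate) udp src inside:172.31.0.3/514 dst inside:10.10.8.233/514",
    # Constructed sample lines:
    "%PIX-3-106011: Deny inbound (No xlate) tcp src inside:10.10.8.50/1034 dst inside:10.10.9.20/80",
    "%PIX-3-106011: Deny inbound (No xlate) tcp src outside:192.0.2.10/80 dst inside:10.10.8.50/1035",
    "some unrelated syslog line",
]

if __name__ == "__main__":
    for label, n in triage(SAMPLE, {"172.31.0.3"}).items():
        print(label, n)
```
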