Re: PIX syslog message

nataraj_v · ‎04-20-2005

Dear All,

im getting lot of messages in my pix logs. even i

see hardly built connections . all 305005 messages.

but still nothing problem reported from that location.

but im worried , whts going on , lot of meessages...

can anybody suggest me on this. according to Pix syslog message instructions this message will come if no nat is there .

but as per my knowledge there is no problme in tht location..

but why this no of messages r coming in pix log messagesss

No translation group found for icmp src dmz1:10.64.1.57 dst outside:10.2.254.10 (type 8, code 0)

2005-03-21 10:37:25 Local4.Error 172.16.1.38 Mar 20 2005 22:04:00: %PIX-3-305005: No translation group found for icmp src dmz1:10.64.1.54 dst outside:10.64.250.57 (type 8, code 0)

PIX-3-305005: No translation group found for tcp src dmz1:10.64.1.34/55534 dst outside:10.0.67.102/8080

%PIX-3-305005: No translation group found for udp src dmz1:10.64.1.42/1147 dst outside:192.36.148.17/53

%PIX-3-305005: No translation group found for tcp src dmz1:10.64.1.34/80 dst outside:10.59.250.118/1589

Thanks and Regards

Nataraj

lgijssel · ‎04-20-2005

No translation is not a serious issue regarding intrusion risks. It may be that you have tightened things a bit too far. The message means that some host in the dmz1 is trying to get out on the Internet but is not allowed to.

To limit log messages from a pix in general, it is advisable to set the trap logging level to 5 or less.

This gets rid of all the informational stuff.

Regards,

Leo