cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1324
Views
0
Helpful
1
Replies

Pix syslog message

r-remien
Level 1
Level 1

I have a frame relay network that comes into the hub router into corporate HQ. We have a large SAP implementation that is hosted at a 3rd party location. So, traffic flows from the Frame, into the inside interface of the Corporate PIX 515, out the dmz interface of the Corporate Pix, into a router on the same subnet as the dmz, and then across a frame relay link to the SAP host. I am getting several hundred syslog messages per hour with the following error, %PIX-2-106012: Deny IP from IP_addr to IP_addr, IP options hex. The hex options is 0x14. The source IP is from several different hosts somewhere on the frame and the destination is to one of our SAP servers. The docs say that the SAP client application is altering the IP packet and the PIX is seeing it as some kind of security breach and discarding the packet. Our SAP has slowdowns constantly and I think this is part of the cause of slowdowns.

Thanks,

RJ

1 Reply 1

marcabal
Cisco Employee
Cisco Employee

So you know:

Most of the engineers on this Forum are more familiar with the Cisco IDS product line IDS-4210, IDS-4230, and WS-x6381-IDS.

You might get lucky and have someone familiar with Pix details also following this Forum, but if you don't get any answers here then I suggest you try this question on the FireWall Forum.

You mught have better luck contacting the Pix engineers on the FireWall Forum.

Review Cisco Networking for a $25 gift card