Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2901
Views
0
Helpful
1
Replies

Regular Translation Creation Failed for icmp - Millions

jameswatson33
Level 1
Level 1

‎08-20-2019 10:34 AM

Good day,

I am a security analyst trying to tame the log traffic from our firewall (2 FTD 4140 + FMC). I have had a CCNA in the past but primarily worked in systems so I am familiar with networking protocols and concepts but inexperienced at troubleshooting. So I was hopeful that someone could point me in the right direction regarding something I'm seeing in our logs before I take it to our networking team.

 

I'm getting about 1.5M of the following messages daily

 

regular translation creation failed for icmp src INSIDE:10.192.0.204 dst OUTSIDE:173.194.219.94 (type 3, code 3)

 

They are all from different src/dst addresses and seem to correspond to otherwise normal translation during internet access. I did a bit of googling and search of this forum but did not find anything immediately helpful. The messages are not linked to any specific support issues, but I would like to eliminate/suppress them if possible in the interests of event log management.

 

Any suggestions? Or additional information I can provide?

Labels:
0 Helpful
1 Reply 1

#Mat
Level 6
Level 6

‎08-20-2019 11:46 AM

Hi jameswatson33, if this traffic is safe, try with enable icmp inspection.

 

From CLI do configure inspection ICMP enable

 

Regards.-

.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card