Good day,
I am a security analyst trying to tame the log traffic from our firewall (2 FTD 4140 + FMC). I have had a CCNA in the past but primarily worked in systems so I am familiar with networking protocols and concepts but inexperienced at troubleshooting. So I was hopeful that someone could point me in the right direction regarding something I'm seeing in our logs before I take it to our networking team.
I'm getting about 1.5M of the following messages daily
regular translation creation failed for icmp src INSIDE:10.192.0.204 dst OUTSIDE:173.194.219.94 (type 3, code 3)
They are all from different src/dst addresses and seem to correspond to otherwise normal translation during internet access. I did a bit of googling and search of this forum but did not find anything immediately helpful. The messages are not linked to any specific support issues, but I would like to eliminate/suppress them if possible in the interests of event log management.
Any suggestions? Or additional information I can provide?