server log message

jstewart73 · ‎05-22-2011

could someone further explain the following message:

Error Message    %PIX-3-313001: Denied ICMP type=icmp_type, code=type_code from IP_addr 
on interface int_name
------------------------------------------------
%PIX-3-313001: Denied ICMP type=3, code=3 from 155.229.56.214 on interface 0

Anu M Chacko · ‎05-23-2011

Hi,

This log message means that the ICMP Unreachable packet (since type=3) generated from 155.229.56.214 was dropped on interface 0 because this packet was matched against an ACL configured on that interface and the ACL denied this packet. 155.229.56.214 is probably not reachable from the PIX and is sending Unreachable messages to the PIX. These messages are being dropped by the PIX.

For example, if the host 155.229.56.214 is acting like a syslog server and is not active, the PIX gets Unreachable messages from this IP whenever it sends a syslog to this server. To allow the Unreachable messages, add:

icmp permit any unreachable outside

Hope this helps!

Regards,

Anu

P.S. Please mark this post as resolved if your question has been answered. Do rate helpful posts.

jstewart73 · ‎05-23-2011

I actually don't know what IP address this is. Should I be cautious?

Anu M Chacko · ‎05-23-2011

Hi,

If you are not aware of this IP, i suggest you shun the IP. Here is the command: "shun 155.229.56.214".

Please mark the question as resolved if it had been answered, so that the post can be referred to by other people. Do rate helpful posts.

Regards,

Anu

jstewart73 · ‎07-01-2011

Could this message cause the PIX to cut off the internet connection? The PIX intermittingly stops internet traffic. I have to turn off/on the PIX to the traffic flowing again.

varrao · ‎07-01-2011

Hi,

It should not stop your internet traffic. Whats the smount of logs being generated, and could you plz paste an output of show run logging from your firewall???

Thanks,

Varun

Thanks,
Varun Rao