Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
689
Views
3
Helpful
1
Replies

ZBF Drops Source Port 0 Destination Port 3

2044418Puts
Level 1
Level 1

‎05-04-2010 01:23 AM - edited ‎03-11-2019 10:40 AM

Hi,

My ZBF configuration is showing a lot of drops:

114110: May  2 12:49:43.559 CET: %FW-6-LOG_SUMMARY: 1 packet were dropped from PUBLIC_IP:0 => PRIVATE_IP:3 (target:class)-(OUTSIDE_INSIDE_ZP:class-default)
114111: May  2 12:49:43.559 CET: %FW-6-LOG_SUMMARY: 1 packet were dropped from PUBLIC_IP:0 => PRIVATE_IP:3 (target:class)-(OUTSIDE_INSIDE_ZP:class-default)
114112: May  2 12:49:43.559 CET: %FW-6-LOG_SUMMARY: 1 packet were dropped from PUBLIC_IP:0 => PRIVATE_IP:3 (target:class)-(OUTSIDE_INSIDE_ZP:class-default)
114113: May  2 12:49:43.559 CET: %FW-6-LOG_SUMMARY: 1 packet were dropped from PUBLIC_IP:0 => PRIVATE_IP:3 (target:class)-(OUTSIDE_INSIDE_ZP:class-default)
114114: May  2 12:49:43.559 CET: %FW-6-LOG_SUMMARY: 1 packet were dropped from PUBLIC_IP:0 => PRIVATE_IP:3 (target:class)-(OUTSIDE_INSIDE_ZP:class-default)
114115: May  2 12:49:43.559 CET: %FW-6-LOG_SUMMARY: 1 packet were dropped from PUBLIC_IP:0 => PRIVATE_IP:3 (target:class)-(OUTSIDE_INSIDE_ZP:class-default)
114116: May  2 12:49:43.559 CET: %FW-6-LOG_SUMMARY: 1 packet were dropped from PUBLIC_IP:0 => PRIVATE_IP:3 (target:class)-(OUTSIDE_INSIDE_ZP:class-default)
114117: May  2 12:49:43.559 CET: %FW-6-LOG_SUMMARY: 1 packet were dropped from PUBLIC_IP:0 => PRIVATE_IP:3 (target:class)-(OUTSIDE_INSIDE_ZP:class-default)
114118: May  2 12:49:43.559 CET: %FW-6-LOG_SUMMARY: 1 packet were dropped from PUBLIC_IP:0 => PRIVATE_IP:3 (target:class)-(OUTSIDE_INSIDE_ZP:class-default)
114119: May  2 12:49:43.559 CET: %FW-6-LOG_SUMMARY: 1 packet were dropped from PUBLIC_IP:0 => PRIVATE_IP:3 (target:class)-(OUTSIDE_INSIDE_ZP:class-default)
114120: May  2 12:49:43.559 CET: %FW-6-LOG_SUMMARY: 1 packet were dropped from PUBLIC_IP:0 => PRIVATE_IP:3 (target:class)-(OUTSIDE_INSIDE_ZP:class-default)
114121: May  2 12:50:43.560 CET: %FW-6-LOG_SUMMARY: 1 packet were dropped from PUBLIC_IP:0 => PRIVATE_IP:3 (target:class)-(OUTSIDE_INSIDE_ZP:class-default)
114122: May  2 12:50:43.560 CET: %FW-6-LOG_SUMMARY: 1 packet were dropped from PUBLIC_IP:0 => PRIVATE_IP:3 (target:class)-(OUTSIDE_INSIDE_ZP:class-default)
114123: May  2 12:50:43.560 CET: %FW-6-LOG_SUMMARY: 1 packet were dropped from PUBLIC_IP:0 => PRIVATE_IP:3 (target:class)-(OUTSIDE_INSIDE_ZP:class-default)
114124: May  2 12:50:43.560 CET: %FW-6-LOG_SUMMARY: 1 packet were dropped from PUBLIC_IP:0 => PRIVATE_IP:3 (target:class)-(OUTSIDE_INSIDE_ZP:class-default)
114125: May  2 12:50:43.560 CET: %FW-6-LOG_SUMMARY: 1 packet were dropped from PUBLIC_IP:0 => PRIVATE_IP:3 (target:class)-(OUTSIDE_INSIDE_ZP:class-default)

I'm not really sure if this is a problem, since no one is complaining of dropped sessions. But I think the portnumbers are really odd... Anyone any idea what traffic goes from source port 0 to destination port 3? Traffic is also being PAT on this router. OUTSIDE interface is also "ip nat outside", INSIDE interface is also "ip nat inside".

Thanks!

1 person had this problem
Labels:
0 Helpful
1 Reply 1

Jennifer Halim
Cisco Employee
Cisco Employee

‎05-04-2010 04:33 AM

There is an enhancement bug that has been filed to provide more information on the ZBFW logs in particular the logs that you have been seeing.

Here is the  bugID for your reference: CSCsr41215

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsr41215

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card