Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
763
Views
0
Helpful
2
Replies

FWSM-3-305005 message flood from standby FWSM

jstewart
Level 1
Level 1

‎09-09-2004 05:37 AM - edited ‎03-09-2019 08:44 AM

My Secondary - Standby FWSM is producing 300K+ error messages a day like the following:

Sep 09 2004 14:57:04: %FWSM-3-305005: No translation group found for udp src inside:x.xxx.69.12/4569 dst outside:0.0.0.0/0

Sep 09 2004 14:57:04: %FWSM-3-305005: No translation group found for udp src inside:x.xxx.69.12/4825 dst outside:0.0.0.0/0

Sep 09 2004 14:57:04: %FWSM-3-305005: No translation group found for udp src inside:x.xxx.69.12/5081 dst outside:0.0.0.0/0

Sep 09 2004 14:57:04: %FWSM-3-305005: No translation group found for udp src inside:x.xxx.69.12/5337 dst outside:0.0.0.0/0

Sep 09 2004 14:57:04: %FWSM-3-305005: No translation group found for udp src inside:x.xxx.69.12/5593 dst outside:0.0.0.0/0

Sep 09 2004 14:57:04: %FWSM-3-305005: No translation group found for udp src inside:x.xxx.69.12/5849 dst outside:0.0.0.0/0

or

Sep 09 2004 15:26:47: %FWSM-3-305005: No translation group found for tcp src inside:x.xxx.69.12/1153 dst outside:0.0.0.0/0

Sep 09 2004 15:26:47: %FWSM-3-305005: No translation group found for protocol 0 src inside:x.xxx.69.12 dst outside:0.0.0.0

Sep 09 2004 15:26:47: %FWSM-3-305005: No translation group found for udp src inside:x.xxx.69.12/1153 dst outside:0.0.0.0/0

Sep 09 2004 15:26:47: %FWSM-3-305005: No translation group found for icmp src inside:x.xxx.69.12 dst outside:0.0.0.0 (type 0, code

0)

The x.xxx.69.12 is a real machine on the inside which communicates successfully, mostly with sun rpc, with machines behind the outside interface.

The Primary - Active FWSM produces no such error messages. I am running 2.2.1.11.

I can't figure out why the Standby FWSM is producing error messages at all. Any ideas where to start looking?

Labels:
0 Helpful
2 Replies 2

nkhawaja
Cisco Employee
Cisco Employee

‎09-11-2004 11:48 AM

Are both the FWSMs in different switches? What sort of trunk you have between those switches? What bandwidth? probably the xlates are not replcating to the secondary fwsm. What if you failover to secondary, would you still get the messages on primary (standby) then.

0 Helpful

jstewart
Level 1
Level 1
In response to nkhawaja

‎09-13-2004 12:02 AM

Yes, they are on different switches. I have a 3 x 1GB trunk/channel between them dedicated to the 'failover' and 'stateful' vlans. When I failover to the secondary, I get the messages from the new standby.

0 Helpful
Customers Also Viewed These Support Documents