Hi,
i am running a vpn ( IPSEC - DES ) between two PIX 515 - 6.2 ( 1 ) , and i
run a Microsoft Netmeeting session between two PCs through the tunnel.
Everything seems to work fine , the chat , the video , the sound (even though there is some lag in the video but i suppose that it is caused by
the encryption ,the two PIX outside interface are on the same subnet) , but i get this ciritical log message about every 15 sec.
"Facility: LOCAL4 Priority: CRITICAL
Message: %PIX-2-106012: Deny IP from x.x.125.191 to y.y.0.131, IP options: "0x14""
Cisco documentation says;
%PIX-2-106012: Deny IP from IP_addr to IP_addr, IP options hex.
Explanation This is a connection-related message. An IP packet was seen with IP options. Because IP options are considered a security risk, the packet was discarded.
Action A security breach was probably attempted. Check the local site for loose source or strict source routing.
What can i do to get rid of this error ? Is it a bug of 6.2 or do i have some configuration optimisation to do ?
I run
fixup protocol h323 ras 1718-1719
fixup protocol h323 h225 1720
thanks
Michel Caissie