Syslog 106007 Message - Why?

don-brown
Level 1

The way I read the docs, these packets should pass through to the inside and I shouldn't get this syslog msg. What am I missing?

I receive the following syslog msg:

%PIX-2-106007: Deny inbound UDP from 63.210.165.1 (dl-gw-sd.websense.com) /26425 to 216.14.34.4 (ns1.inetconcepts.net) /53 due to DNS Query

The following is in the ACL bound to the outside interface:

access-list outsideacl permit udp any gt 1023 216.14.34.4 255.255.255.252 eq 53

Pix version 6.3(4)

1 Reply

harishtandon23
Level 1

Hello Don,

Here is the explanation of the following syslog message:

106007

Error Message %PIX-2-106007: Deny inbound UDP from outside_address/outside_port to inside_address/inside_port due to DNS {Response|Query}.

Explanation This is a connection-related message. This message is logged if a UDP packet containing a DNS query or response is denied.

Recommended Action If the inside port number is 53, it is likely that the inside host is set up as a caching nameserver. Add an access-list command statement to permit traffic on UDP port 53. If the outside port number is 53, the most likely cause is that a DNS server was too slow to respond, and the query was answered by another server.

As I checked the access-list command, let's try the following access-list command instead and see if that helps:

access-list outsideacl permit udp any host 216.14.34.4 eq 53

wr mem

cl xlate

If you have any questions, please feel free to contact me.

Thanks & Regards,

Harish Tandon

harishtandon23@gmail.com
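
For triaging these messages in bulk, here is an added example (not part of the thread or of Cisco's documentation) that parses 106007 lines and applies the port-53 rule from the Recommended Action quoted above. The function names and hint labels are assumptions, and the sample lines are constructed apart from the one quoted in the question.

```python
import re
from collections import Counter

# Accepts the documented form (addr/port) and the form seen in the question,
# where a resolved hostname in parentheses and a space precede "/port".
MSG_106007 = re.compile(
    r"%PIX-2-106007: Deny inbound UDP from "
    r"(?P<out_ip>\d{1,3}(?:\.\d{1,3}){3})(?:\s*\([^)]*\))?\s*/(?P<out_port>\d+) to "
    r"(?P<in_ip>\d{1,3}(?:\.\d{1,3}){3})(?:\s*\([^)]*\))?\s*/(?P<in_port>\d+) "
    r"due to DNS (?P<kind>Response|Query)"
)

def triage(line):
    """Return parsed fields plus a hint, or None if the line is not a 106007 message."""
    m = MSG_106007.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["out_port"] = int(rec["out_port"])
    rec["in_port"] = int(rec["in_port"])
    if rec["in_port"] == 53:
        # Inside host is acting as a nameserver: review the ACL for UDP/53 to in_ip.
        rec["hint"] = "inbound-to-nameserver"
    elif rec["out_port"] == 53:
        # Reply from a slow DNS server after the query was already answered.
        rec["hint"] = "late-response"
    else:
        rec["hint"] = "other"
    return rec

def summarize(lines):
    """Count denied packets per (inside address, hint), skipping other messages."""
    counts = Counter()
    for line in lines:
        rec = triage(line)
        if rec:
            counts[(rec["in_ip"], rec["hint"])] += 1
    return counts

# Constructed sample input: line 1 is the message quoted in the question; the
# others are made up (documentation-range addresses, hypothetical text).
SAMPLE = [
    "%PIX-2-106007: Deny inbound UDP from 63.210.165.1 (dl-gw-sd.websense.com) /26425 to 216.14.34.4 (ns1.inetconcepts.net) /53 due to DNS Query",
    "%PIX-2-106007: Deny inbound UDP from 192.0.2.53/53 to 198.51.100.10/40211 due to DNS Response",
    "some unrelated syslog line that is not a 106007 message",
]

if __name__ == "__main__":
    for key, n in summarize(SAMPLE).items():
        print(key, n)
```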