Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
605
Views
0
Helpful
2
Replies

Syslog Messages %PIX-3-106011

ontrack
Level 1
Level 1

‎08-14-2001 07:37 AM - edited ‎03-08-2019 08:36 PM

I upgraded a PIX 515 from 5.1(4) to 6.0(1) and now I am seeing some strange syslog messages at the rate of about 200/hour. The message is as follows:

%PIX-3-106011: Deny inbound (No xlate) tcp src outside:216.52.4.52 (Unresolved) /80 dst outside:X.X.X.250 (test.mycompany.com) /7943

The test.mycompany.com host is my NAT address for inside. I am quessing that the xlate is timing out but I used to never get this message before I upgraded to PIX 6.0 and the xlate timeout is the same on the old version and the new version. Anyone have any ideas on why this message is bombing my syslog server.

Labels:
0 Helpful
2 Replies 2

weslin
Level 1
Level 1

‎08-17-2001 06:43 AM

If the log entry is similar to "PIX-3-106011: Deny inbound (No xlate) tcp src outside:x.x.x.x/2657 dst outside:y.y.y.y/80", you are dropping "CodeRed" packets.

Cisco advisory.

http://www.cisco.com/tac/newsflash/codered_secadvisory_08162001.html

0 Helpful

hanchong
Level 1
Level 1
In response to weslin

‎10-31-2001 07:19 PM

Just wondering what if the message is the other way round ?

PIX-3-106011: Deny inbound (No xlate) tcp src outside:x.x.x.x/80 dst outside:y.y.y.y/2374

or when the port number are not 80 but others ?

Any idea on that ?

0 Helpful
Customers Also Viewed These Support Documents