(No xlate)

Status
Not open for further replies.

cpeloso

IS-IT--Management
Nov 29, 2002
25
IT
Hi!
Could someone explain this log to me?

Deny inbound (No xlate) tcp src outside:12.47.197.fff/25963 dst outside:xxx.ddd.ccc.zzz/389

How is it possible that the source is outside and the destination is outside too?

Thank you
 
The message is basically telling you there is not a Global or static rule in the firewall for address xxx.ddd.ccc.zzz, and someone is attempting to contact that host.

The fact that both the source and destination address are outside is legit in the warning, because the PIX treats static and global assignments as "outside" addresses (in other words, if you do a "static(inside,outside) 192.168.1.1 xxx.ddd.ccc.zzz", 192.168.1.1 is the inside address and xxx.ddd.ccc.zzz is the outside address).

All that does not mean you should add a global/static to make the above message go away, of course. From the looks of it, someone is trying to contact a host of yours via LDAP (the "/389" is the destination port, which is LDAP). My guess is someone is doing some sort of scan to see what's open, and your firewall is correctly dropping the traffic.
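To check whether denies like the one in this thread come from a scan, the log lines can be parsed and grouped by source. The following is an added example, not part of the original posts; the sample lines are constructed from documentation address ranges, and the function names and the threshold of 3 are assumptions.

```python
import re
from collections import defaultdict

# Matches the message format quoted in the thread (with unmasked addresses):
# Deny inbound (No xlate) tcp src outside:A.B.C.D/sport dst outside:W.X.Y.Z/dport
NO_XLATE = re.compile(
    r"Deny inbound \(No xlate\) (?P<proto>\S+) "
    r"src (?P<src_if>[^:\s]+):(?P<src_ip>[\d.]+)/(?P<src_port>\d+) "
    r"dst (?P<dst_if>[^:\s]+):(?P<dst_ip>[\d.]+)/(?P<dst_port>\d+)"
)

# Constructed sample lines, not real traffic.
SAMPLE_LOG = """\
Deny inbound (No xlate) tcp src outside:198.51.100.7/25963 dst outside:203.0.113.10/389
Deny inbound (No xlate) tcp src outside:198.51.100.7/25964 dst outside:203.0.113.10/445
Deny inbound (No xlate) tcp src outside:198.51.100.7/25965 dst outside:203.0.113.11/389
Deny inbound (No xlate) tcp src outside:198.51.100.7/25966 dst outside:203.0.113.12/3389
Deny inbound (No xlate) udp src outside:192.0.2.44/53 dst outside:203.0.113.10/33012
some unrelated log line that must be ignored
"""

def parse_no_xlate(line):
    """Return a dict of fields for a 'No xlate' deny line, else None."""
    m = NO_XLATE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["src_port"] = int(rec["src_port"])
    rec["dst_port"] = int(rec["dst_port"])
    return rec

def summarize(lines, scan_threshold=3):
    """Group denies by source; flag sources probing many distinct targets."""
    targets = defaultdict(set)
    for line in lines:
        rec = parse_no_xlate(line)
        if rec:
            targets[rec["src_ip"]].add((rec["dst_ip"], rec["proto"], rec["dst_port"]))
    return {
        src: {"distinct_targets": len(t),
              "dst_ports": sorted({p for _, _, p in t}),
              "likely_scan": len(t) >= scan_threshold}
        for src, t in targets.items()
    }

if __name__ == "__main__":
    for src, info in summarize(SAMPLE_LOG.splitlines()).items():
        print(src, info)
```

A source that hits several untranslated addresses or ports in a short window fits the scan explanation given above; a single stray deny usually does not.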
 