Well, that was just a guess. Regardless of the actual cause, for some reason the firewall is sending traffic to the router and the router thinks that a better gateway exists somewhere on that same subnet. So, it's sending ICMP redirects to try to get the firewall to send any further traffic to the other gateway. Without seeing configs and logs I wouldn't be able to nail it down more than that. You might have enough information now to figure out exactly what's going on. Good luck! John | no we only have one router on this subnet | | our current config | remo | te office | outside router / firewall / internal router>> "John Neiberger" 08/24/01 | 04:17PM >>> | Most likely you have at least two routers hanging off of that port | somewhere and they are aware of each other. One of them--Router A--is | currently the next hop for a certain route. However, because of some | other event it became aware that Router B is actually the best route for | that specific destination and it is informing the firewall to use a | different gateway router. | | HTH, | John | | >>> "Gary Crouch" 8/24/01 4:58:41 PM >>> | I was switching my pix firewall getting ready to set up failover when | I | knoticed lots of ICMP redirect messages being logged to the console of | my | internal router | what are these I have not seen them before is this a sign of a virus | or | hacker | attack. | | Thanks | | Gary Crouch | | | | | | I was switching my pix firewall getting ready to set up failover when I | | knoticed lots of ICMP redirect messages being logged to the console of | my | internal router | what are these I have not seen them before is this a sign of a virus or | | hacker attack. | | Thanks | | Gary Crouch | no we only have one router on this subnet our current | config remote | officeoutside router — firewall — internal router>> "John | Neiberger" 08/24/01 04:17PM >>> | Most likely you have at least two routers hanging off of that port | somewhere and they are aware of each other. One of them--Router A--is | currently the next hop for a certain route. However, because of some | other event it became aware that Router B is actually the best route for | that specific destination and it is informing the firewall to use a | different gateway router. | | HTH, | John | | >>> "Gary Crouch" 8/24/01 4:58:41 PM >>> | I was switching my pix firewall getting ready to set up failover when | I | knoticed lots of ICMP redirect messages being logged to the console of | my | internal router | what are these I have not seen them before is this a sign of a virus | or | hacker | attack. | | Thanks | | Gary Crouch | | I was switching my pix firewall getting ready to set up failover when I | | knoticed lots of ICMP redirect messages being logged to the console of | my | internal router | what are these I have not seen them before is this a sign of a virus or | | hacker attack. | | Thanks | | Gary Crouch | | | | _______________________________________________________ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=17290&t=17197 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
