PIX should not see that traffic in the first place. PIX only routes traffic between interfaces and can't make "u-turns" - only routes traffic from inside to outside or from outside to inside, but not from inside to inside or outside to outside. PIX considers this a security violation. I would check outside router and see why is it forwarding this traffic to the PIX.
-- Lidiya White CCIE #8155 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Roy Sent: Monday, March 25, 2002 8:20 PM To: [EMAIL PROTECTED] Subject: how to deal with this message on pix? [7:39497] hi all i notice the message shown as bellow on my pix, and how can i deal with it? 106011: Deny inbound (No xlate) udp src outside:61.156.7.187/16372 dst outside:202.96.137.40/6970 106011: Deny inbound (No xlate) udp src outside:61.156.7.187/16372 dst outside:202.96.137.40/6970 106011: Deny inbound (No xlate) udp src outside:61.156.7.187/16372 dst outside:202.96.137.40/6970 106011: Deny inbound (No xlate) tcp src outside:202.109.106.130/8893 dst outside:202.96.137.40/59478 106011: Deny inbound (No xlate) udp src outside:202.96.136.201/49202 dst outside:202.96.137.40/53 106011: Deny inbound (No xlate) tcp src outside:162.105.69.121/21 dst outside:202.96.137.40/60090 any helps will be appreciated sincerely Roy ""John Green"" P4HkO{O"PBNE :[EMAIL PROTECTED] > is any one aware of any issue with PIX501 and > connecting via cable modem to get an ip address (dhcp) > ? > > internet-----cable-----PIX----HOST > modem 501 > > without the pix, the HOST is able to get the dhcp ip > address fine. the pix is configured to get an > ipaddress from dhcp for its outside interface. but it > is failing. > does anyone know of such issues ? > > > __________________________________________________ > Do You Yahoo!? > Yahoo! Movies - coverage of the 74th Academy Awards. > http://movies.yahoo.com/ Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=39509&t=39497 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
