Hi Sim,
    There is some flaw in your security policy. Please check the configuration again. I am enclosing some info from CCO regarding the syslog message 106011:

%PIX-7-106011: Deny inbound (No xlate) chars

  Explanation: This is a connection-related message. This message occurs when a packet is sent to the same interface that it arrived on. This usually indicates that a security breach is occurring. When the PIX Firewall receives a packet, it tries to establish a translation slot based on the security policy you set with the global and conduit commands, and your routing policy set with the route command.

  Failing both policies, PIX Firewall allows the packet to flow from the higher priority network to a lower priority network, if it is consistent with the security policy. If a packet comes from a lower priority network and the security policy does not allow it, PIX Firewall routes the packet back to the same interface.

  To provide access from an interface with a higher security to a lower security, use the nat and global commands. For example, use the nat command to let inside users access outside servers, to let inside users access perimeter servers, and to let perimeter users access outside servers.

  To provide access from an interface with a lower security to higher security, use the static and conduit commands. For example, use the static and conduit commands to let outside users access inside servers, outside users access perimeter servers, or perimeter servers access inside servers.

  Action: Fix your configuration to reflect your security policy for handling these attack events.

In PIX the running configuration is shown by "Show Config". Any changes made in PIX will be effective only once you write them to the memory. There is no such thing as startup and running configuration in PIX. To add to this info, PIX uses an operating system called Finesse which is different from Cisco IOS.

Hope this helps.

Regards,

Vamsi



----- Original Message -----
From: "Sim, CT (Chee Tong)" 
To: 
Sent: Tuesday, September 24, 2002 4:49 PM
Subject: PIX questions [7:53953]


> I keep having the following log in my PIX. It is very frequent. What does
> that mean? It seems my PIX denies this connection, but actually I want to
> allow it now and make it no longer log to the PIX log.
>
> 106011: Deny inbound (No xlate) udp src outside:200.100.182.173/58000 dst outside:192.168.5.200/58000
>
> 106011: Deny inbound (No xlate) udp src outside:200.100.182.173/58000 dst outside:192.168.5.200/58000
>
> 106011: Deny inbound (No xlate) udp src outside:200.100.182.79/58000 dst outside:192.168.5.200/58001
>
> 106011: Deny inbound (No xlate) udp src outside:200.100.182.79/58000 dst outside:192.168.5.200/58001
>
> I tried to clear it by adding the following command in the PIX config to
> allow the connection to come in. However, I still found the same log in my
> PIX. What should be the correct command?
>
> conduit permit udp any range 58000 58001 any
>
> Question 2: How do I show the "running-config" in PIX? I found that whenever
> I made a change on the PIX, I can't see the change when I issue the "sh conf"
> command until I do "wr mem". What is the router-equivalent show running-config
> command in PIX?
>
> Thanks a lot

Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=53961&t=53953
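
As an added example (not part of either message and not Cisco code), a small Python triage script for the 106011 lines quoted in the thread: it parses each line, flags the same-interface condition the CCO explanation describes, and counts repeated denied flows. The regular expression assumes the exact line layout shown in the quoted log, and the last sample line is constructed.

```python
import ipaddress
import re
from collections import Counter

# Layout assumed from the 106011 lines quoted in the thread.
LINE_RE = re.compile(
    r"106011: Deny inbound \(No xlate\) (?P<proto>\S+) "
    r"src (?P<src_if>[^:\s]+):(?P<src_ip>[\d.]+)/(?P<src_port>\d+) "
    r"dst (?P<dst_if>[^:\s]+):(?P<dst_ip>[\d.]+)/(?P<dst_port>\d+)"
)

def parse_106011(line):
    """Return the fields of a 106011 line as a dict, or None if it does not match."""
    m = LINE_RE.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["src_port"] = int(rec["src_port"])
    rec["dst_port"] = int(rec["dst_port"])
    # Source and destination on the same interface: the case the CCO text describes.
    rec["same_interface"] = rec["src_if"] == rec["dst_if"]
    # True when the packet was addressed directly to a private-range address.
    rec["dst_private"] = ipaddress.ip_address(rec["dst_ip"]).is_private
    return rec

def summarize(lines):
    """Count denied flows per (proto, src_ip, dst_ip, dst_port); skip other lines."""
    flows = Counter()
    for line in lines:
        rec = parse_106011(line)
        if rec is not None:
            flows[(rec["proto"], rec["src_ip"], rec["dst_ip"], rec["dst_port"])] += 1
    return flows

# First four lines are from the quoted log (wrapping undone); the last is constructed.
SAMPLE = [
    "106011: Deny inbound (No xlate) udp src outside:200.100.182.173/58000 dst outside:192.168.5.200/58000",
    "106011: Deny inbound (No xlate) udp src outside:200.100.182.173/58000 dst outside:192.168.5.200/58000",
    "106011: Deny inbound (No xlate) udp src outside:200.100.182.79/58000 dst outside:192.168.5.200/58001",
    "106011: Deny inbound (No xlate) udp src outside:200.100.182.79/58000 dst outside:192.168.5.200/58001",
    "000000: constructed line that is not a 106011 message",
]

if __name__ == "__main__":
    for flow, count in summarize(SAMPLE).most_common():
        print(count, flow)
```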