Dear All,

I have a PIX 4.4 (I would upgrade it :) ) and I see a lot of UDP denies due to DNS response:

%PIX-2-106007: Deny inbound UDP from Outside/53 to MYDNS/1097 due to DNS Response

I have a rule (conduit permit udp host 195.96.144.12 any eq 53) to permit such connections, but it seems there is another reason for these denies. As the PIX document says, it is because of the UDP timeout. But I think it is a little strange; sometimes this Outside/53 is my external DNS, and I think a 2 minute UDP timeout is a very open limit for such a UDP connection.

Also, to trace the problem I wanted to check the duration of different connections. According to the document's explanation, %PIX-6-302006 should contain the UDP duration too, but I do not have this field in my %PIX-6-302006 records :(

Any comment?

Regards
F. Taj

_______________________________________________
Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
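One way to triage the denies described in the message above is to tally the %PIX-2-106007 lines by outside source and by flow, separating resolvers the site actually queries from everything else. This is an added example, not part of the original post; the regex follows the single log line quoted there, and the sample lines, the documentation-range addresses and the `known_resolvers` parameter are constructed assumptions.

```python
import re
from collections import Counter

# Pattern derived from the %PIX-2-106007 line quoted in the post.
DENY_RE = re.compile(
    r"%PIX-2-106007: Deny inbound UDP from (?P<src>\S+)/(?P<sport>\d+) "
    r"to (?P<dst>\S+)/(?P<dport>\d+) due to DNS (?P<kind>Response|Query)"
)

# Constructed sample input: addresses are documentation-range placeholders,
# MYDNS is the inside name used in the post.
SAMPLE_LOG = """\
%PIX-2-106007: Deny inbound UDP from 192.0.2.53/53 to MYDNS/1097 due to DNS Response
%PIX-2-106007: Deny inbound UDP from 192.0.2.53/53 to MYDNS/1097 due to DNS Response
%PIX-2-106007: Deny inbound UDP from 192.0.2.53/53 to MYDNS/1101 due to DNS Response
%PIX-2-106007: Deny inbound UDP from 198.51.100.7/53 to MYDNS/1102 due to DNS Response
constructed unrelated syslog line that the parser must skip
"""


def summarize(log_text, known_resolvers):
    """Count denied DNS responses per outside source and per flow.

    known_resolvers: set of outside addresses the inside DNS server is
    configured to query (an assumption supplied by the operator).
    """
    per_source = Counter()
    per_flow = Counter()
    for line in log_text.splitlines():
        m = DENY_RE.search(line)
        if not m or m["kind"] != "Response":
            continue
        per_source[m["src"]] += 1
        per_flow[(m["src"], m["dst"], int(m["dport"]))] += 1
    return {
        # Denied replies from servers we do query: candidates for late or
        # duplicate answers arriving after the UDP slot was closed.
        "known": {s: n for s, n in per_source.items() if s in known_resolvers},
        # Denied replies from servers we never query: worth a closer look.
        "other": {s: n for s, n in per_source.items() if s not in known_resolvers},
        # The same source hitting the same inside port more than once.
        "repeated_flows": {f: n for f, n in per_flow.items() if n > 1},
    }


if __name__ == "__main__":
    for section, data in summarize(SAMPLE_LOG, {"192.0.2.53"}).items():
        print(section, data)
```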
