faddr is a foreign address or outside machine. gaddr is a global
address which is basically a NAT address. laddr is a local address
which is being protected behind the global/NAT address. The message
format generally puts the source first, then the destination. Cisco's
web site has PDF
In-Reply-To: [EMAIL PROTECTED]
I'm not a Cisco PIX internals expert, but in TCP built (302001) I got an
inbound|outbound so I can identify who start the connection.
If (302005) shows only the connections FROM foreign address TO local one
(as Cisco says) , how someone could identify the
In-Reply-To: [EMAIL PROTECTED]
Hi Naman, nice to see you here too...
unfortunally, I've to use PIX 6.0 because it seems it's the PIX version
used by the FWSM module.
In v6.2+ there is no more message 302005 and also no more 302001, but I
have to deal also with that ones.
So in the old
Which Software version you are using ?
I am not sure of the earlier versions but with 6.2(2), message 302015 is
used to define the UDP connections with inbound\outbound keyword
included.
firewall %PIX-6-302015: Built outbound UDP connection 4024629 for
outside:x.x.x.x/22368 (x.x.x.x/22368) to
Hi Verde,
You know in my opinion Cisco has one of the best support sites in the world.
I don't believe there is a single product that can't be deployed using only
their website.
Example of what you asked for:
Log Message %PIX-6-302005: Built UDP connection for faddr IP_addr/port gaddr