In-Reply-To: <[EMAIL PROTECTED]> I'm not a Cisco PIX internals expert, but in TCP built (302001) I got an inbound|outbound so I can identify who start the connection.
If (302005) shows only the connections FROM foreign address TO local one (as Cisco says) , how someone could identify the connections FROM local address TO a foreign one ? Maybe I'm missing something ? I've not found in Cisco System Log Messages Guide any other message about outbound UDP built( all links for pix are here http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_system_messa ge_guides_list.html ). Thanks again P.S. Naman shows me that in PIX v6.2+ there is a different message for UDP Built with inbound/outbound indicator, so I have to 'assume' that maybe in PIX version 6.0 it was a Cisco matter the absence of a direction indicator. The question remains...I have to get all 302005 as messages indicating ONLY connections from foreign address to local ones ? There is no indicator for an UDP Built from a local address to a foreign one ? Or the Explanation should be : Explanation This is a connection-related message. This message is logged when a UDP connection is started to foreign address faddr using the global address gaddr from local address laddr, or when a UDP connection is started from foreign address faddr using the global address gaddr to local address laddr. ? Amodiovalerio Verde > Hi Verde, > >You know in my opinion Cisco has one of the best support sites in the world. >I don't believe there is a single product that can't be deployed using only >their website. > > >Example of what you asked for: > >Log Message %PIX-6-302005: Built UDP connection for faddr IP_addr/port gaddr >IP_addr/port laddr IP_addr/port > >Explanation This is a connection-related message. This message is logged >when a UDP connection is started to foreign address faddr using the global >address gaddr from local address laddr. > >http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_system_mess ag >e_guide_chapter09186a00800896b2.html > --------------------------------------------------------------------------- Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts! The Gartner Group just put Neoteris in the top of its Magic Quadrant, while InStat has confirmed Neoteris as the leader in marketshare. Find out why, and see how you can get plug-n-play secure remote access in about an hour, with no client, server changes, or ongoing maintenance. Visit us at: http://www.neoteris.com/promos/sf-6-9.htm ----------------------------------------------------------------------------
