PIX, two weird logs|
|
|
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
||||||||||||||||
|
Posted by =?ISO-8859-1?Q?Edgar=AE_du_Mid on September 8, 2005, 8:48 am
Please log in for more thread options
So, I got to cisco.com to check what it is... 8<----------8<----------8<----------8<----------8<---------- 402106: Rec'd packet not an IPSEC packet. (ip) dest_addr= 212.220.161.66, src_addr= 212.220.161.1, prot= icmp 8<----------8<----------8<----------8<----------8<---------- This one is really weird sine there is not VPN even setup on the firewall. 8<----------8<----------8<----------8<----------8<---------- 106011: Deny inbound (No xlate) tcp src external:212.220.161.25/2079 dst external:212.151.250.71/80 8<----------8<----------8<----------8<----------8<---------- I do not own anything in this 212.220.xxx.xxx really, nothing. Can anybody tell me what's happening? spoof packets? Thank you, /edgar | ||||||||||||||||
|
Posted by Graham S on September 8, 2005, 10:55 am
Please log in for more thread options indicates that a packet has arrived across the internet that is not encrypted, however your crypto access-list specifies that it should be encrypted. CHeck teh access-lists controlling encryption on both ends of the VPN tunnel. | ||||||||||||||||
|
Posted by Martin Bilgrav on September 8, 2005, 5:47 pm
Please log in for more thread options
LOL It will give the same message if you telnet to the outside interface, as this only accesed via ssh. Thats more likely, the last just is a service that are eighter scanned or is a inside clients access to a poorly written web server appl. notthing to be alarmed over, eighter of them. | ||||||||||||||||
| Similar Threads | Posted |
| PIX, two weird logs | September 8, 2005, 8:48 am |
| Logs button not opening Logs GUI | June 29, 2009, 6:44 am |
| pix logs | May 16, 2006, 6:07 am |
| Help on security logs | December 20, 2005, 11:22 am |
| Router logs | March 21, 2006, 2:58 pm |
| KIWI logs | September 18, 2009, 10:41 am |
| Re: Viewing Cisco ACL logs | August 29, 2006, 3:10 am |
| Viewing Cisco ACL logs | August 28, 2006, 5:58 pm |
| IOS and Rommon updates - change logs? | March 19, 2006, 10:00 am |
| Apache server behind PIX logs all incoming IPs as 0.0.0.0. | April 20, 2007, 10:52 am |
| NEWBIE- 800 Series / Soho 97 firewall logs - how do i see them? | February 11, 2005, 12:54 am |
| Monitoring Squid logs in Content Engine 511 | December 22, 2006, 1:18 am |
| cisco 4900 shows right time but not in sh logs | August 18, 2009, 9:48 am |
| VPN Concentrator 3000 - Send e-Mail when User logs in | November 14, 2005, 5:30 am |
| Weird nat (PIX 6.3.3) | February 28, 2006, 8:59 am |
|
Home Cabling GuideFinally, an instantly downloadable book that saves you thousands in home improvement dollars! Enjoy living in 21st century technology-advanced home while increasing its selling value and competitive advantage on the real estate market. Whether your cabling is for home office or high-tech leisure, you can wire your home yourself or learn "wirish" to speak with your cabling contractors in their language! Learn More |
> indicates that a packet has arrived across the internet that is not
> encrypted, however your crypto access-list specifies that it should be
> encrypted.