In article , Merv wrote: :Traffic is not getting thru from outside to inside even though access :list is configured and static is configured.
:305005: No translation group found for udp src outside:10.1.1.1/514 dst :inside:192.168.2.2/514
That message tells you that an outside system with source IP 10.1.1.1 and udp source port 514 attempted to access an inside system by addressing it as 192.168.2.2 port 514.
:fw2# sh static
:static (inside,outside) udp 10.1.1.1 syslog 192.168.2.2 syslog netmask
255.255.255.255 1 1
That command says that any time someone on the outside sends a packet to the PIX with *destination* IP 10.1.1.1 destination udp port 514, that it is to be forwarded to the internal machine 192.168.2.2 udp port 514.
The first message implies that the remote system 10.1.1.1 knows to send packets to 192.168.2.2 through the PIX. That being the case, the static you would want would be
static (inside,outside) udp 192.168.2.2 syslog 192.168.2.2 syslog netmask
255.255.255.255 1 1
However, I would re-examine whether you really only want to allow one syslog packet at a time through -- devices that produce log messages might have several "in flight" at the same time, and you don't want your PIX to be throwing away the extras that happen to occur before the previous translation is torn down.