Firewall Wizards mailing list archives
Re: PIX dropping packets with source port 80
From: Martin Mačok <martin.macok () underground cz>
Date: Wed, 26 May 2004 10:57:26 +0200
On Tue, May 25, 2004 at 12:44:14PM -0400, LazloCarreidas () netscape net wrote:
We have a cluster of PIX 525. Since the upgrade of the PIX OS to 6.3(3), we get lots of 106023 messages, such as
%PIX-4-106023: Deny tcp src DMZ:aaa.bbb.ccc.ddd (asite.adomain.atld) /80 dst inside:OurProxy/37568 by access-group "acl_DMZ"
Could you trace the TCP flags of such packets? In which phase during the TCP connection do they appear? (after?)
For the persons who uses the proxy, there is no issue...
Martin Mačok IT Security Consultant _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- PIX dropping packets with source port 80 LazloCarreidas (May 25)
- Re: PIX dropping packets with source port 80 Martin Mačok (May 27)