Pix syslog meldingen ( Messages 302001 to 309002 )

In Cisco , Pix Firewall , door: Martin Gepubliceerd op




Messages 302001 to 309002

Log Message %PIX-6-302001: Built inbound TCP connection number for faddr
IP_addr/port gaddr IP_addr/port laddr IP_addr/port

 

Explanation This is a connection-related message. This message reports that an authenticated TCP connection was started to foreign address faddr using the global address gaddr from local address laddr. If the connection required authentication, the username is reported in the last field of the message.



Recommended Action:
None required.

Log Message %PIX-6-302002: Teardown TCP connection for faddr IP_addr/port
gaddr IP_addr/port laddr IP_addr/port duration time bytes num (text)

Explanation This is a connection-related message. This message is logged when a TCP connection is terminated. The duration and byte count for the session are reported. If the connection required authentication, the username is reported in the last field of the message. This message is used by the PIX Firewall Manager to generate reports.



Recommended Action:
None required.

Log Message %PIX-6-302003: Built H245 connection for faddr IP_addr laddr
IP_addr/port

Explanation This is a connection-related message. This message is logged when an H.245 connection is started from foreign address faddr to local address laddr. This message only occurs if the PIX Firewall detects the use of an Intel Internet phone.



Recommended Action:
None required.

Log Message %PIX-6-302004: Pre-allocate H323 UDP backconnection for faddr
IP_addr to laddr IP_addr/port

Explanation This is a connection-related message. This message is logged when an H.323 UDP back-connection is preallocated to foreign address faddr from local address laddr. This message is only generated if the PIX Firewall detects the use of an Intel Internet phone.



Recommended Action:
None required.

Log Message %PIX-6-302005: Built UDP connection for faddr IP_addr/port
gaddr IP_addr/port laddr IP_addr/port

Explanation This is a connection-related message. This message is logged when a UDP connection is started to foreign address faddr using the global address gaddr from local address laddr.



Recommended Action:
None required.

Log Message %PIX-6-302006: Teardown UDP connection for faddr IP_addr/port
gaddr IP_addr/port laddr IP_addr/port

Explanation This is a connection-related message. This message is logged when a UDP connection is terminated. The duration and byte count for the session are reported. If the connection required authentication, the username is also reported in the last field of the message. This message is used by the PIX Firewall Manager to generate reports.



Recommended Action:
None required.

Log Message %PIX-6-302009: Rebuilt TCP connection number for faddr
IP_addr/port gaddr IP_addr/port laddr IP_addr/port

Explanation This is a connection-related message. This message appears after a TCP connection is rebuilt after a failover. A sync packet is not sent to the other PIX Firewall. The faddr IP address is the foreign host, the gaddr IP address is a global address, and the laddr IP address is the local IP address "behind" the PIX Firewall.



Recommended Action:
None required.

Log Message %PIX-6-302010: connections in use, connections most used

Explanation This message lists the number of connections currently in use and the maximum number of connections that have been used since the PIX Firewall unit was last rebooted. This message only appears in PIX Firewall version 4.4(4).



Recommended Action:
None required.

Log Message %PIX-6-303002: IP_addr retrieved IP_addr:chars

Explanation This is an FTP/URL message. This message is logged when the specified host successfully retrieves data from the specified FTP site. This message is used by the PIX Firewall Manager to generate reports.



Recommended Action:
None required.

Log Message %PIX-5-304001: text IP_addr Accessed IP_addr:chars.

Explanation This is an FTP/URL message. This message is logged when the specified host successfully accesses the specified URL. This message is used by the PIX Firewall Manager to generate reports.



Recommended Action:
None required.

Log Message %PIX-5-304002: Access denied URL chars SRC IP_addr DEST
IP_addr: chars

Explanation This is an FTP/URL message. This message is logged if access from the source address to the specified URL or FTP site is denied.



Recommended Action:
None required.

Log Message %PIX-3-304003: URL Server IP_addr timed out URL string

Explanation This message logs when a URL server times out.



Recommended Action:
None required.

Log Message %PIX-6-304004: URL Server IP_addr request failed URL chars

Explanation This is an FTP/URL message. This message is logged if a WebSENSE server request fails. This message may also appear as %PIX-3-304004 in versions 4.4(1) through 4.4(3). In version 4.4(4), it only appears at severity level 6 (informational).



Recommended Action:
None required.

Log Message %PIX-7-304005: URL Server IP_addr request pending URL chars

Explanation This is an FTP/URL message. This message is logged when a WebSENSE server request is pending.



Recommended Action:
None required.

Log Message %PIX-2-304007: URL Server IP_addr not responding, ENTERING
ALLOW mode

Explanation This is an FTP/URL message. This message is logged when you use the allow option of the filter command, and the WebSENSE server(s) is not responding. The PIX Firewall allows all Web requests to continue without filtering while the server(s) is not available.



Recommended Action:
None required.

Log Message %PIX-2-304008: LEAVING ALLOW mode, URL Server is up

Explanation This is an FTP/URL message. This message is logged when you use the allow option of the filter command, and the PIX Firewall receives a response message from a WebSENSE server that previously was not responding. With this response message, the PIX Firewall exits the allow mode enabling once again the URL filtering feature.



Recommended Action:
None required.

Log Message %PIX-6-305001: Portmapped translation built for gaddr
IP_addr/port laddr IP_addr/port (chars)

Explanation This is a connection-related message. This message is logged when an xlate is created for outbound traffic using a PAT global address. This applies to UDP, TCP, and ICMP packets.



Recommended Action:
None required.

Log Message %PIX-6-305002: Translation built for gaddr IP_addr to IP_addr

Explanation This is a connection-related message. This message is logged when an xlate is created for outbound traffic using a global address, or for either outbound or inbound traffic using a static address.



Recommended Action:
None required.

Log Message %PIX-6-305003: Teardown translation for global IP_addr local
IP_addr

Explanation This is a connection-related message. This message is logged when the PIX Firewall clears a dynamically allocated translation after the xlate timeout expires.



Recommended Action:
None required.

Log Message %PIX-6-305004: Teardown portmap translation for global
IP_addr/port local IP_addr/port

Explanation This message is logged when a portmapped translation (PAT xlate) no longer in use has been reclaimed.



Recommended Action:
None required.

Log Message %PIX-3-305005: No translation group found for protocol

Explanation This message logs when a nat and global command cannot be found for a protocol. The protocol can be TCP, UDP, or ICMP.



Recommended Action:
This message can be either an internal error or an error in the configuration.

Log Message %PIX-3-305006: type translation creation failed for protocol

Explanation A protocol (UDP, TCP, or ICMP) failed to create a translation through the PIX Firewall. The type can be static, portmapped (PAT), or regular.



Recommended Action:
This message can be either an internal error or an error in the configuration.

Log Message %PIX-6-305007: text(): Orphan IP IP_addr on interface
interface_number

Explanation This message logs after the PIX Firewall attempts to translate an address that it cannot find in any of its global pools. The PIX Firewall assumes that the address has been deleted and drops the request.



Recommended Action:
None required.

Log Message %PIX-6-307001: Denied Telnet login session from IP_addr.

Explanation This is a PIX Firewall management message. This message is logged when the PIX Firewall denies an attempt to connect to the Telnet port from the specified IP address on the inside network. This message may also appear as %PIX-3-307001.



Recommended Action:
From the console, enter the show telnet command to verify that the PIX Firewall is configured to permit Telnet access from that host or network. From the PIX Firewall Ma

RSS Twitter e-mail