106023: Deny tcp src outside from WWW Servers
Available news archives: comp.lang.tcl - comp.lang.python - comp.security.firewalls - sci.crypt - comp.lang.php - comp.lang.javascript
Google
 
Web news.hping.org


comp.security.firewalls archive

106023: Deny tcp src outside from WWW Servers

From: Rene Obrecht <groups@no-woman-no-cry.ch>
Date: Wed Sep 07 2005 - 14:04:10 CEST



Dear all, we have a Cisco PIX 525, SW Release 6.3.4.



We have an ISA Proxy Server in our DMZ, the WWW Clients connect to this


ISA Proxy Server. This goes directly to the Internet.



There are many many entries like this in the Firewall log. Everything


works fine, but what about the warnings?



%PIX-4-106023: Deny tcp src outside:ISAPROXY/8080 dst


inside:172.25.111.158/2377 by access-group "dmz_to_intranet"



I guess the warnings are because there are answers from WWW Servers,


and no client waiting for them. Any Ideas?



Thanks, René


Received on Thu Sep 29 20:06:40 2005