From: Gao, Qingli (c-qgao@state.pa.us)
Date: Tue Jan 30 2007 - 16:25:48 ART
Looks to me this is an ip spoofing issue.
The source IP network trying to access FWSM is also behind the FWSM,
so FWSM teardown the connection.
It will be better if you can give me more detail on you network.
Thank you!
Qingli Gao
CCIE
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Edward Norton
Sent: Tuesday, January 30, 2007 3:50 AM
To: ccielab@groupstudy.com; security@groupstudy.com
Subject: FWSM question
Folks ;
I have a real world setup where I have two 6509 in two different sites
,each one has a FWSM inserted and any communciation between the two
sites has to pass through the FWSM
the FWSM log keep reporting the following error
Local4.Info 192.49.225.1 Jan 26 2007 04:04:57
FWSM-DC-PR : %FWSM-6-302013: Built outbound TCP connection 219063706 for
faddr 192.50.5.11/40015 gaddr 192.49.5.11/1983 laddr 192.49.5.11/1983
Local4.Info 192.49.225.1 Jan 30 2007 04:04:57 FWSM-DC-PR :
%FWSM-6-302014: Teardown TCP connection 219063706 faddr
192.50.5.11/40015 gaddr 192.49.5.11/1983 laddr 192.49.5.11/1983 duration
0:00:00 bytes 76 (TCP Reset-O)
my question is that , does this reset is created by the FWSM itself or
it is just reported by it ?
second question is that what is FWSM-DR-PR means here ?
any input will be apprciated
---------------------------------
Expecting? Get great news right away with email Auto-Check.
Try the Yahoo! Mail Beta.
This archive was generated by hypermail 2.1.4 : Thu Feb 08 2007 - 23:46:58 ART