Re: Off-Topic: FWSM Question

From: Patrick Galligan (pgalligan@gmail.com)
Date: Thu Mar 13 2008 - 20:02:05 ARST


On Fri, Mar 14, 2008 at 5:02 AM, groupstudy email <groupstudy@gmail.com> wrote:
>
> I noticed in my log that traffic between devices in VLAN 4 (outside) is
> being blocked by the FW. The FW seems to think that this traffic is
> destined to the inside interface. That's one issue. Another issue is the
> fact it should never even hit the FW as the devices are on the same subnet.

Doesn't look like a problem with the FWSM; it is blocking what the
"outside-in" ACL has been configured to block. If that traffic is
hitting the outside interface, it's not likely due to any configuration
on the FWSM itself. The source address in that log message is where
you should start looking. Could be an indication of someone trying to
probe, or a simple misconfiguration (mask, proxy ARP as others have
suggested already).



This archive was generated by hypermail 2.1.4 : Tue Apr 01 2008 - 07:53:53 ART