Re: Off-Topic: FWSM Question

From: WorkerBee (ciscobee@gmail.com)
Date: Thu Mar 13 2008 - 20:45:53 ARST


Do you have an overlapping static translation rule that may have caused the issue?

On Fri, Mar 14, 2008 at 6:02 AM, Patrick Galligan <pgalligan@gmail.com> wrote:
> On Fri, Mar 14, 2008 at 5:02 AM, groupstudy email <groupstudy@gmail.com> wrote:
> >
> > I noticed in my log that traffic between devices in VLAN 4 (outside) is
> > being blocked by the FW. The FW seems to think that this traffic is
> > destined to the inside interface. That's one issue. Another issue is the
> > fact it should never even hit the FW as the devices are on the same subnet.
>
> Doesn't look like a problem with the FWSM, it is blocking what the
> "outside-in" acl has been configured to block. If that traffic is
> hitting the outside interface it's not likely due to any configuration
> on the FWSM itself. The source address in that log message is where
> you should start looking. Could be an indication of someone trying to
> probe, or a simple misconfiguration (mask, proxy arp as others have
> suggested already).


