Cisco Pix 501 - reaching local host limit, showing odd IP addresses
Posted by cdonner on Server Fault
Published on 2010-01-25T16:46:08Z
Indexed on 2010/03/15 8:09 UTC
I am running out of licenses on my Pix 501, and the show local-host command lists a number of odd IP addresses that do not belong to my 10.10.1.* subnet. Any idea what they are? The only thing I could find was a potential ISP: DINSA is Defence Interoperable Network Services Authority, an agency of the Ministry of Defence of the United Kingdom. Does not sound right.
I don't see any active connections, though. I can't ping or traceroute these IPs, but they reappear after I clear the list, with various other addresses in that general range, up until the connection limit is reached. Based on the number denied, I suppose I would have a lot more of them had I not the connection limit. Very dubious. Is anybody else seeing this?
pixfirewall# show local-host
Interface inside: 10 active, 10 maximum active, **118 denied**
local host: <10.10.1.110>,
TCP connection count/limit = 0/unlimited
TCP embryonic count = 0
TCP intercept watermark = unlimited
UDP connection count/limit = 0/unlimited
AAA:
Xlate(s):
Conn(s):
local host: <10.10.1.176>,
TCP connection count/limit = 0/unlimited
TCP embryonic count = 0
TCP intercept watermark = unlimited
UDP connection count/limit = 0/unlimited
AAA:
Xlate(s):
Conn(s):
local host: <10.10.1.170>,
TCP connection count/limit = 0/unlimited
TCP embryonic count = 0
TCP intercept watermark = unlimited
UDP connection count/limit = 1/unlimited
AAA:
Xlate(s):
Conn(s):
local host: <10.10.1.175>,
TCP connection count/limit = 11/unlimited
TCP embryonic count = 0
TCP intercept watermark = unlimited
UDP connection count/limit = 1/unlimited
AAA:
Xlate(s):
Conn(s):
local host: <10.10.1.108>,
TCP connection count/limit = 0/unlimited
TCP embryonic count = 0
TCP intercept watermark = unlimited
UDP connection count/limit = 0/unlimited
AAA:
Xlate(s):
Conn(s):
local host: <25.33.41.115>, // ???????????????? what is this?
TCP connection count/limit = 0/unlimited
TCP embryonic count = 0
TCP intercept watermark = unlimited
UDP connection count/limit = 0/unlimited
AAA:
Xlate(s):
Conn(s):
local host: <25.33.226.124>, // ???????????????? what is this?
TCP connection count/limit = 0/unlimited
TCP embryonic count = 0
TCP intercept watermark = unlimited
UDP connection count/limit = 0/unlimited
AAA:
Xlate(s):
Conn(s):
local host: <10.10.1.172>,
TCP connection count/limit = 0/unlimited
TCP embryonic count = 0
TCP intercept watermark = unlimited
UDP connection count/limit = 0/unlimited
AAA:
Xlate(s):
Conn(s):
local host: <25.36.114.91>, // ???????????????? what is this?
TCP connection count/limit = 0/unlimited
TCP embryonic count = 0
TCP intercept watermark = unlimited
UDP connection count/limit = 0/unlimited
AAA:
Xlate(s):
Conn(s):
local host: <10.10.1.109>,
TCP connection count/limit = 0/unlimited
TCP embryonic count = 0
TCP intercept watermark = unlimited
UDP connection count/limit = 0/unlimited
AAA:
Xlate(s):
Conn(s):
pixfirewall#
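One way to triage output like the above offline, as an added example that is not part of the original post: it parses saved `show local-host` text and lists the local-host entries that fall outside the inside subnet, along with the limit counters. The /24 mask for 10.10.1.* and all function names are assumptions.

```python
import ipaddress
import re

# Abridged from the `show local-host` output quoted in the post above.
SAMPLE = """\
Interface inside: 10 active, 10 maximum active, 118 denied
local host: <10.10.1.175>,
TCP connection count/limit = 11/unlimited
UDP connection count/limit = 1/unlimited
local host: <25.33.41.115>,
TCP connection count/limit = 0/unlimited
UDP connection count/limit = 0/unlimited
local host: <25.36.114.91>,
TCP connection count/limit = 0/unlimited
UDP connection count/limit = 0/unlimited
"""

# `\**` tolerates the markdown emphasis the post put around the denied counter.
SUMMARY_RE = re.compile(r"Interface (\S+): (\d+) active, (\d+) maximum active, \**(\d+) denied")
HOST_RE = re.compile(r"local host:\s*<([0-9.]+)>")
COUNT_RE = re.compile(r"(TCP|UDP) connection count/limit\s*=\s*(\d+)/")

def parse_local_hosts(text):
    """Return (summary, hosts) parsed from `show local-host` text."""
    summary, hosts, current = {}, [], None
    for line in text.splitlines():
        if m := SUMMARY_RE.search(line):
            summary = {"interface": m[1], "active": int(m[2]),
                       "maximum": int(m[3]), "denied": int(m[4])}
        elif m := HOST_RE.search(line):
            current = {"ip": ipaddress.ip_address(m[1]), "tcp": 0, "udp": 0}
            hosts.append(current)
        elif current and (m := COUNT_RE.search(line)):
            current[m[1].lower()] = int(m[2])
    return summary, hosts

def audit(text, inside_net="10.10.1.0/24"):  # /24 mask is an assumption
    """Flag local-host entries outside the inside subnet and report the limit state."""
    net = ipaddress.ip_network(inside_net)
    summary, hosts = parse_local_hosts(text)
    foreign = [h for h in hosts if h["ip"] not in net]
    return {
        "at_limit": bool(summary) and summary["active"] >= summary["maximum"],
        "denied": summary.get("denied", 0),
        "foreign": [str(h["ip"]) for h in foreign],
        # Zero-connection entries, like the ones the post marks with "???".
        "idle_foreign": [str(h["ip"]) for h in foreign if h["tcp"] + h["udp"] == 0],
    }
```

Running `audit()` on successive captures taken after clearing the list shows whether the out-of-subnet entries return and how quickly the denied counter grows.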
© Server Fault or respective owner