jbrotschul
Technical User
Hello,
We see several connections being established on our PIX Firewall to one of our DMZ servers.
PIX-515E# sho conn detail
UDP outside:208.98.31.12/53 DMZ:172.21.6.20/1029 flags -
UDP outside:208.98.31.12/53 DMZ:172.21.6.20/1029 flags -
UDP outside:208.98.31.12/53 DMZ:172.21.6.20/1029 flags -
Can you tell me from the syntax description for the above line to determine who is the sender?
I put in a conduit-permit statement, but it's not getting any hits...
PIX-515E# sho conduit 198.245.202.20
conduit deny ip host 198.245.202.20 host 208.98.31.13 (hitcnt=0)
I originally thought this was coming inbound, but now I'm not sure if it's outbound connections from our DMZ server (172.21.6.20) to the other host (208.98.31.12).
Any help would be greatly appreciated.
Jeff
We see several connections being established on our PIX Firewall to one of our DMZ servers.
PIX-515E# sho conn detail
UDP outside:208.98.31.12/53 DMZ:172.21.6.20/1029 flags -
UDP outside:208.98.31.12/53 DMZ:172.21.6.20/1029 flags -
UDP outside:208.98.31.12/53 DMZ:172.21.6.20/1029 flags -
Can you tell me from the syntax description for the above line to determine who is the sender?
I put in a conduit-permit statement, but it's not getting any hits...
PIX-515E# sho conduit 198.245.202.20
conduit deny ip host 198.245.202.20 host 208.98.31.13 (hitcnt=0)
I originally thought this was coming inbound, but now I'm not sure if it's outbound connections from our DMZ server (172.21.6.20) to the other host (208.98.31.12).
Any help would be greatly appreciated.
Jeff