This is explained? (Help)
6 | Sep 05-2014 | 21:28:46 | 192.168.1.2 | 37071 | 199.195.xxx.xxx | 37071 | Dynamic translation TCP disassembly of any:192.168.1.2/37071 to Outside:199.195.xxx.xxx/37071 duration 0:00:31 |
Hello
I hope I can get this explained to me in simple terms so I understand what is happening. I thought that I had stated in my config that allowed all traffic of my internal networks to external networks, but my Active log is filled with packets are blocked and blocked. I'm just curious to know what is happening here. It is with UDP and TCP.
Thank you!
I have tons of them:
6 | Sep 05-2014 | 21:36:59 | 192.168.1.2 | 62608 | 199.195.xxx.xxx | 62608 | Built a dynamic UDP conversion of any:192.168.1.2/62608 to Outside:199.195.xxx.xxx/62608 |
6 | Sep 05-2014 | 21:36:59 | 199.195.xxx.x | 53 | 192.168.1.2 | 62608 | UDP connection disassembly 6952281 for Outside:199.195.xxx.x/53 for Inside:192.168.1.2/62608 duration 0: 00:00 152 bytes |
6 | Sep 05-2014 | 21:36:58 | 10.10.1.2 | 63481 | 199.195.xxx.xxx | 63481 | Dynamic translation UDP disassembly of any:10.10.1.2/63481 to Outside:199.195.xxx.xxx/63481 duration 0:00:31 |
The ASA config:
ASA5510 # sh run
: Saved
:
ASA Version 9.1 (4)
!
hostname ASA5510
domain maladomini.int
activate liqhNWIOSfzvir2g encrypted password
volatile xlate deny tcp any4 any4
volatile xlate deny tcp any4 any6
volatile xlate deny tcp any6 any4
volatile xlate deny tcp any6 any6
volatile xlate deny udp any4 any4 eq field
volatile xlate deny udp any4 any6 eq field
volatile xlate deny udp any6 any4 eq field
volatile xlate deny udp any6 any6 eq field
liqhNWIchangedvir2g encrypted passwd
names of
DNS-guard
!
interface Ethernet0/0
LAN Interface Description
nameif inside
security-level 100
IP 10.10.1.1 255.255.255.252
!
interface Ethernet0/1
Description of the WAN Interface
nameif outside
security-level 0
IP address 199.195.xxx.x 255.255.255.240
!
interface Ethernet0/2
DMZ description
nameif DMZ
security-level 100
IP 10.10.0.1 255.255.255.252
!
interface Ethernet0/3
VOIP description
nameif VOIP
security-level 100
IP 10.10.2.1 255.255.255.252
!
interface Management0/0
management only
Shutdown
nameif management
security-level 0
no ip address
!
boot system Disk0: / asa914 - k8.bin
passive FTP mode
DNS domain-lookup outside
DNS server-group DefaultDNS
Server name 199.195.xxx.x
Server name 205.171.2.65
Server name 205.171.3.65
domain maladomini.int
permit same-security-traffic inter-interface
the ROUTER-2811 object network
10.10.1.2 home
the ROUTER-2821 object network
Home 10.10.0.2
network of the WEBCAM-01 object
host 192.168.1.5
the DNS SERVER object network
host 192.168.1.2
the ROUTER-3745 object network
host 10.10.2.2
network of the RDP - DC1 object
host 192.168.1.2
PAT-SOURCE network object-group
object-network 10.10.1.0 255.255.255.252
object-network 10.10.0.0 255.255.255.252
network-object 10.10.2.0 255.255.255.252
object-network 192.168.0.0 255.255.255.0
object-network 172.16.10.0 255.255.255.0
object-network 172.16.20.0 255.255.255.0
object-network 128.162.1.0 255.255.255.0
object-network 128.162.10.0 255.255.255.0
object-network 128.162.20.0 255.255.255.0
the DM_INLINE_NETWORK_2 object-group network
network-host 98.22.xxx.xxx object
the Outside_access_in object-group network
object-group Protocol DM_INLINE_PROTOCOL_1
object-protocol gre
allow access-list of standard USERS 10.10.1.0 255.255.255.0
Outside_access_in list extended access permit tcp host object eq ROUTER-2811 98.22.xxx.xx ssh
Outside_access_in list extended access permit tcp host object eq ROUTER-2821 98.22.xxx.xx ssh
Outside_access_in list extended access permit tcp host 98.22.xxx.xx interface outside eq https
Outside_access_in list extended access permit tcp host object 98.22.xxx.xx WEBCAM-01 eq www
access-list extended Outside_access_in permit tcp host 98.22.xxx.xx eq 3389 RDP - DC1 object
IP 128.162.1.0 allow Access-list access-dmz-vlan1 extended 255.255.255.0 any
Note access-list access dmz allow all traffic in DC1
permit access-list extended access dmz ip 128.162.1.0 255.255.255.0 192.168.1.2 host
Note dmz access list only allow DNS traffic to the DNS server
permit access-list extended access dmz udp 128.162.1.0 255.255.255.0 192.168.1.2 host eq field
Note to dmz-access access-list ICMP allow devices in DC
permit access-list extended access dmz icmp 128.162.1.0 255.255.255.0 192.168.1.0 255.255.255.0
pager lines 24
Enable logging
asdm of logging of information
Within 1500 MTU
Outside 1500 MTU
management of MTU 1500
MTU 1500 DMZ
MTU 1500 VOIP
ICMP unreachable rate-limit 1 burst-size 1
ICMP deny everything outside
ASDM image disk0: / asdm - 715.bin
don't allow no asdm history
ARP timeout 14400
no permit-nonconnected arp
!
the ROUTER-2811 object network
NAT (inside, outside) interface static tcp ssh 222 service
the ROUTER-2821 object network
NAT (DMZ, outside) static interface tcp ssh 2222 service
network of the WEBCAM-01 object
NAT (inside, outside) interface static tcp 8080 www service
the ROUTER-3745 object network
NAT (VOIP, outdoor) static interface service tcp ssh 2223
network of the RDP - DC1 object
NAT (inside, outside) interface static service tcp 3389 3389
!
NAT interface (it is, outside) the after-service automatic PAT-SOURCE dynamic source
Access-group Outside_access_in in interface outside
!
router RIP
10.0.0.0 network
version 2
No Auto-resume
!
Route outside 0.0.0.0 0.0.0.0 199.195.xxx.xxx 1
Route inside 128.162.1.0 255.255.255.0 10.10.0.2 1
Route inside 128.162.10.0 255.255.255.0 10.10.0.2 1
Route inside 128.162.20.0 255.255.255.0 10.10.0.2 1
Route inside 172.16.10.0 255.255.255.0 10.10.1.2 1
Route inside 172.16.20.0 255.255.255.0 10.10.1.2 1
Route inside 192.168.1.0 255.255.255.0 10.10.1.2 1
Timeout xlate 03:00
Pat-xlate timeout 0:00:30
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
Floating conn timeout 0:00:00
dynamic-access-policy-registration DfltAccessPolicy
identity of the user by default-domain LOCAL
the ssh LOCAL console AAA authentication
Enable http server
http 0.0.0.0 0.0.0.0 inside
http 98.22.xxx.xxx 255.255.255.255 outside
No snmp server location
No snmp Server contact
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Crypto ipsec pmtu aging infinite - the security association
trustpool crypto ca policy
Telnet timeout 5
SSH 0.0.0.0 0.0.0.0 inside
SSH 98.22.xxx.xxx 255.255.255.255 outside
SSH timeout 60
SSH version 2
SSH group dh-Group1-sha1 key exchange
Console timeout 0
a basic threat threat detection
Statistics-list of access threat detection
no statistical threat detection tcp-interception
NTP server 24.56.178.140 prefer external source
username redacted encrypted privilege 15
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns migrated_dns_map_1
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the migrated_dns_map_1 dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect esmtp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
Review the ip options
inspect the icmp
inspect the icmp error
inspect the pptp
!
global service-policy global_policy
context of prompt hostname
no remote anonymous reporting call
call-home
Profile of CiscoTAC-1
no active account
http https://tools.cisco.com/its/service/oddce/services/DDCEService destination address
email address of destination [email protected] / * /
destination-mode http transport
Subscribe to alert-group diagnosis
Subscribe to alert-group environment
Subscribe to alert-group monthly periodic inventory
monthly periodicals to subscribe to alert-group configuration
daily periodic subscribe to alert-group telemetry
aes encryption password
Cryptochecksum:6f99e1277a392a926d04735c7f6a8c50
: end
You provided the log messages are NAT and messages from tell-establishment of connections, not blocks.
They are a normal part of the firewall, clean the table xlate and connections once they have expired.
Tags: Cisco Security
Similar Questions
-
I have a lg 4 k tv (40 "40UH630V TV LG ULTRA HD 4 K) with HDMI 2. 0 and if I buy apple tv 4 can be used with HDMI 2. 0 port or do I HDMI 3 port to use this? Please help me
You can use it with your TV.
-
I rented the movie and proceeded to go to google play to see. It acts like it is loading, but the screen goes black and a message says: "there was a problem playing the video on this browser. Try the movies play & TV Chrome App. Learn how to install Chrome and chromium app here. problem: I tried to download Chrome (which I don't like), but it seems not to take. I even rebooted. Google opens upward in Chrome. I really want to watch this movie! Help!
Try:
-
I have not remenber my SECURITY QUESTIONED this ACC, please help me
I have not remenber my SECURITY QUESTIONED this ACC, please help me. I have remenber login pasword.
You must ask security team account Apple to reset your security questions. To contact them, click here and choose a method; If this page does not list one for your country or if you are unable to call, complete and submit this form.
(143383)
-
At the opening of the library of photos, each photo turn the black thumbnail and so that to open it. Preview also does not have photos properly. I tried to repair the library and this did not help. Could this be a problem with the RAM? Help, please!
Check, if pictures can access the original files of your pictures, or if the originals are missing.
You can test to try to edit a photo or trying to export it with "file > export > export original file..."
Photos can be edited or exported?
Shooting Raw or JPEG? Where your photo library is stored? On an external disk or in your pictures folder?
-
in the past I have installed the cd into my itunes to mp3, then I transferred to my sandisk mp3 player and now I don't remember how to do this again, please help, what I forget
Select Edit > Preferences > General (if necessary, press ctrl-B to activate the iTunes menu bar), click import settings..., then select MP3 encoder from the first drop-down and choose the setting of the quality required in the second dropdown. This then becomes the default format for imported CD media.
-
I own a Macbook pro mid 2012. Now I want to increase the RAM of 4 GB to 8 GB, please suggest if this update will help me to improve my performance to macbook.
It will help in cases where the applications require more than 4 GB of RAM. Otherwise, there will be no noticeable difference. If you really want to increase the speed, an SSD is the best option. They cost about 3 x's + more than a traditional HDD of same capacity...
Ciao.
-
80072efe I have Vista Home Premium and I can't download updates it keeps giving me this error code help!
ERROR_INTERNET_CONNECTION_ABORTED 80072EFE
Service Pack 2 is installed? If it has been...
How long this update problem occurred?
What is the suite of security/antivirus installed and is a 3rd party firewall used?
The current AV subscription and it detects malicious software the last time that the system has been analyzed?You can reset the Windows Update components by running the Fixit on this page. But, if there is malware present, she will continue to reset the connection to the update servers:How to reset the Windows Update components
Suggest you download and save the Fixit. Then configure the system before the clean boot by running:
How to troubleshoot a problem by performing a clean boot in Windows Vista/Windows 7Once the Fixit has been downloaded and the system is started in the pure State, check that the native Vista firewall is now on if a 3rd party firewall has been used previously. Now run the Fixit and choose the default mode. Restart once it's done and see if the system can be connected to the update servers. If he can't, then rerun the Fixit and choose aggressive mode. Turn it back on when he finished the race and updates.
MowGreen Services update - consumer safety
-
whenever I select any folder or any icon in my computer win 7 I get a popup to remove this icon why this error comes how can I solve this problem pls help me
Hello
1. don't you make changes to the computer until the problem occurred?
2. What is the exact error message do you get?
I suggest you try the steps mentioned below and check if it helps.
Method 1: Start your system in safe mode and check if the same problem occurs.
http://Windows.Microsoft.com/en-us/Windows-Vista/start-your-computer-in-safe-mode
Method 2 : If the issue does not exist in Mode safe mode then try to put your computer in a clean boot state.
By setting your boot system minimum state helps determine if third-party applications or startup items are causing the problem.
How to troubleshoot a problem by performing a clean boot in Windows Vista or Windows 7:
http://support.Microsoft.com/kb/929135Note: After the boot minimum troubleshooting step, follow step 7 in the link provided to return the computer to a Normal startup mode.
Follow these steps to reset the computer to start as usual:
(a) click on start toreduce this top that i, type msconfig.exe in the Start Search box and press ENTER.
If you are prompted for an administrator password or for confirmation, type your password, or click continue.
(b) under the general tab, click the Normal startup option, and then click OK.
(c) when you are prompted to restart the computer, click restart.
Method 3:
Also scan your computer from the Microsoft Security Scanner, which would help us to get rid of viruses, spyware and other malicious software.
The Microsoft Security Scanner is a downloadable security tool for free which allows analysis at the application and helps remove viruses, spyware and other malware. It works with your current antivirus software.
http://www.Microsoft.com/security/scanner/en-us/default.aspx
Note: The Microsoft Safety Scanner ends 10 days after being downloaded. To restart a scan with the latest definitions of anti-malware, download and run the Microsoft Safety Scanner again.
Hope this information is useful.
-
my internet does not come on directly when I click the icon Internet... a window usually appears gaveme alternate programs of your choice. It's a pain because it was not like this before. Help, please!
Hi hamnej,
What is the 'alternative' open window that keeps popping up and what alternative programs you are requested to choose? Either by the way, not by chance is offered a selection of browsers to choose (this must be done in the UK and the European Union). If so just click OK button to connect to the internet. Once you have done this you will be given the choice of browser. If you do not want to change the browser, you already have IE 8.0, so I see no reason to change, then close the window and have no other problems. If you have a "Choose Browser" icon on your desktop, it can be removed.
John Barnett MVP: Windows XP Expert associated with: Windows Desktop Experience: Web: http://www.winuser.co.uk ; Web: http://xphelpandsupport.mvps.org ; Web: http://vistasupport.mvps.org ; Web: http://www.silversurfer-guide.com
-
A problem prevented the document are analyzed. Windows 7 - HP G4050 scanner.
I have a HP G4050 which worked fine with Vista. After the upgrade to Windows 7, I get the following error when scanning:A problem prevented the document are analyzed. Please try again, or to correct this information, see Help and Support or the documentation that came with the scanner.
I get a different error during an attempt of an overview. It starts to get an overview of the page, gets about 2 inches to the bottom of the page and then I get the following error:
An error occurred when you set the properties of the scanner. If another program is scanning, please wait to complete, and then try again.
I downloaded the latest driver (and reinstalled several times) of HP with no luck. No errors are recorded in the Application events.
I'm going nuts trying to figure out this one! Thanks for your help.
BT
Update:
I finally had time to unplug the scanner, wait 60 seconds and then plug it again.
Problem solved.
Scan of stupid...
BT
-
Hi there - already I bought a month of adobe stock (10 pictures per month) and cancelled it after a month. The system is not offered this choice. Help, please. It meets my needs, I won't be frozen for more than a month. Thanks Jo
Hi Joanne,
Do you mean that you're not seen the monthly plan? Can please sign in the stock site, go you to: plan pricing and membership Adobe Stock | Adobe Stock and send me a screenshot of what you see? This will help me to solve your problem.
Thank you.
EBQ
-
When I click on open in RAW, this message keeps coming up. CAMERA RAW IS NOT ENABLED. Camera Raw edition requires a product calling it launched at least once to activate this feature. Help, please. What is c?
I don't really think it will work, but I have a vague memory of something like this caused by different versions of a file in Bridge and Photoshop. If you want to try it go in the bridge folder and find a file named Amtlib.dll and rename the original Amtlib.dll. Now, go to your Photoshop folder and find the file with the same name and copy it in the folder of the bridge. Now, try to see if your image will now open in Raw. If this does not work, go to the folder of the bridge, remove the Amtlib.dll and restore the original to its former name.
Terri
-
I bought a new iMac, and now I don't know how to re-download/switch the photoshop Lightroom (1 year contract) - MONTHLY PAY - I bought this machine. Help, please?
Download & install instructions https://forums.adobe.com/thread/2003339 can help
-includes a link to access a page to download the Adobe programs if you do not have a disk or drive
Also go to https://forums.adobe.com/community/creative_cloud/creative_cloud_faq
-
I'm so frustrated! I have CS5 Master Collection. I want to UPGRADE to CS6 Master Collection. I want to be on the cloud! I can't find where to put up-to-date or any CONTACT to ask for help. It shouldn't be this hard. HELP Please!
See the link below:
-
I just started using dreamweaver cs5 and image width = "3507" height = "2480 appears correctly on my page how to solve the this.someone please help
I played around the waist ut still not put the page to display properly
The time has come to show us the code. It is best done by providing a link to the site, if you could post the HTML code and CSS here for us to have a look on.
What you did until now, is an image that is limited in its container, a container that is much narrower than the width you are aiming for.
Maybe you are looking for
-
I just new HP Pavilion - 17z product M7e01av.
Ordered to the blue tooth, but he continues to seek and does not connect to devices that it locates.
-
I saved a reading of the worksheet vi of the file in the user's library. When I reference from another vi he clones himself - why?
-
Add Device sees wireless but printer is plugged and can reach the HTTP page on wire
I installed my new 8000 Officejet Pro A809 with an ethernet but when I run the Wizard "Add Device" of HP, it trys to install as wireless even though I select wired and the installation fails. I can see the page http for the printer and it presents in
-
VPN site to site ASA and SSL VPN
Hello Already configured vpn site to site for both sites. Now, I try to configure vpn remote access to one site. But I'm starting to config some command like below to access remote vpn, the existing site-to-site vpn disconnected auto. No crypto ipsec
-
Open CL for Adobe Premiere Pro CS 5.5
How can I use AMD Radeon R9 M290X with 4 GB within a 5 K with first Pro CS 5.5 iMac to use the GPU supporting the Mercury playback engine.Y at - it a patch or an update for CS 5.5 available that support it. I want to stay with CS 5.5 now, I am happy