2013-03-18

FWSM: Deny inbound (No xlate) -> check that the security level is not equal on both interfaces

On the FWSM, by default, all communication between two interfaces that have the same security level is denied.

And the syslog message you get is quite misleading, because the documentation explains it as an ordinary connection-reset artifact:


106011

Error Message %FWSM-3-106011: Deny inbound (No xlate) string

Explanation The message will appear under normal traffic conditions if there are internal users that are accessing the Internet through a web browser. This message will appear any time a connection is reset, when the host at the end of the connection sends a packet after the security appliance receives the reset. It can typically be ignored.
Recommended Action Prevent this syslog message from getting logged to the syslog server by entering the no logging message 106011 command.

You could just permit traffic between interfaces that share a security level, or, as I prefer, set a different security-level on each interface.
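As an added example (not code from the original post), the following Python script performs the check from the title offline: it parses the security-level of every nameif in a constructed FWSM configuration excerpt, reports interfaces that share a level, and notes whether same-security-traffic permit inter-interface is present, which is the global setting that allows such traffic (assumed available on your FWSM release). It also correlates a constructed 106011 log line with those levels; the layout of the "string" part of the message (protocol, src nameif:addr/port, dst nameif:addr/port) is an assumption, while the interface configuration syntax is standard FWSM/ASA.

```python
import re
from itertools import combinations

# Constructed FWSM running-config excerpt (not from the original post).
# dmz1 and dmz2 both sit at security-level 50 and there is no
# "same-security-traffic permit inter-interface" line, so traffic between
# them is dropped and logged as %FWSM-3-106011 Deny inbound (No xlate).
SAMPLE_CONFIG = """\
hostname fwsm-1
!
interface Vlan10
 nameif inside
 security-level 100
 ip address 10.0.0.1 255.255.255.0
!
interface Vlan20
 nameif dmz1
 security-level 50
 ip address 10.0.20.1 255.255.255.0
!
interface Vlan30
 nameif dmz2
 security-level 50
 ip address 10.0.30.1 255.255.255.0
!
interface Vlan40
 nameif outside
 security-level 0
 ip address 192.0.2.1 255.255.255.0
!
"""

# Fix 1: keep the levels, allow same-level traffic globally.
PERMIT_FIX = SAMPLE_CONFIG + "same-security-traffic permit inter-interface\n"
# Fix 2 (the one the post prefers): give dmz2 its own level.
LEVEL_FIX = SAMPLE_CONFIG.replace("nameif dmz2\n security-level 50",
                                  "nameif dmz2\n security-level 60")

# Constructed log line; the field layout after "(No xlate)" is an assumption.
SAMPLE_LOG = ("Mar 18 2013 10:00:00 fwsm-1 %FWSM-3-106011: Deny inbound (No xlate) "
              "tcp src dmz1:10.0.20.5/40123 dst dmz2:10.0.30.7/80")

INTERFACE_RE = re.compile(r"^interface\s+(\S+)\s*$")
NAMEIF_RE = re.compile(r"^\s+nameif\s+(\S+)\s*$")
SECLEVEL_RE = re.compile(r"^\s+security-level\s+(\d+)\s*$")
SAME_SEC_RE = re.compile(r"^same-security-traffic\s+permit\s+inter-interface\s*$")
LOG_RE = re.compile(r"%FWSM-3-106011: Deny inbound \(No xlate\) "
                    r"(\w+) src (\w+):(\S+) dst (\w+):(\S+)")


def parse_security_levels(config):
    """Return {nameif: security-level} for every interface block in config."""
    levels = {}
    block = None  # dict while inside an "interface ..." block, else None
    for line in config.splitlines() + ["!"]:
        if not line.startswith(" "):  # any top-level line ends the current block
            if block and "nameif" in block and "level" in block:
                levels[block["nameif"]] = block["level"]
            block = {} if INTERFACE_RE.match(line) else None
            continue
        if block is None:
            continue
        m = NAMEIF_RE.match(line)
        if m:
            block["nameif"] = m.group(1)
            continue
        m = SECLEVEL_RE.match(line)
        if m:
            block["level"] = int(m.group(1))
    return levels


def same_security_permitted(config):
    """True if the config globally permits traffic between same-level interfaces."""
    return any(SAME_SEC_RE.match(line) for line in config.splitlines())


def find_same_level_pairs(config):
    """Sorted (nameif_a, nameif_b, level) for every pair sharing a security level."""
    levels = parse_security_levels(config)
    return [(a, b, la) for (a, la), (b, lb) in combinations(sorted(levels.items()), 2)
            if la == lb]


def check_config(config):
    """Return ('ok'|'permitted'|'blocked', pairs); 'blocked' is the 106011 case."""
    pairs = find_same_level_pairs(config)
    if not pairs:
        return "ok", pairs
    return ("permitted" if same_security_permitted(config) else "blocked"), pairs


def explain_106011(log_line, config):
    """Shared security level if this 106011 is a same-level drop, else None
    (e.g. a genuine post-reset packet as the documentation describes)."""
    m = LOG_RE.search(log_line)
    if not m:
        return None
    levels = parse_security_levels(config)
    src_if, dst_if = m.group(2), m.group(4)
    if (src_if in levels and dst_if in levels and levels[src_if] == levels[dst_if]
            and not same_security_permitted(config)):
        return levels[src_if]
    return None


if __name__ == "__main__":
    status, pairs = check_config(SAMPLE_CONFIG)
    for a, b, level in pairs:
        print(f"{a} and {b} both have security-level {level} ({status})")
    shared = explain_106011(SAMPLE_LOG, SAMPLE_CONFIG)
    if shared is not None:
        print(f"106011 is a same-level drop (level {shared}): permit same-security "
              "traffic or change one security-level, do not just silence the message")
```

Run it against `show running-config` output instead of SAMPLE_CONFIG to audit a real module; the point of `explain_106011` is to distinguish the same-level case from the harmless post-reset drops before following the documentation's advice to disable the message.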
