PIX log reporting 169.254.126.114/500 dst outside:192.168.100.2/500

Discussion in 'Cisco' started by hoser, Apr 14, 2005.

  1. hoser

    hoser Guest

    Hi,
    I am having a problem with the syslog which is reporting:

    "No translation group found for udp src inside:169.254.126.114/500 dst
    outside:192.168.100.2/500"

    As far as i know 169.254.126.114 is a MS proprietory IP, and i dont
    know why this address is requesting a translation.
    hoser, Apr 14, 2005
    #1
    1. Advertising

  2. In article <>,
    hoser <> wrote:
    :I am having a problem with the syslog which is reporting:

    :"No translation group found for udp src inside:169.254.126.114/500 dst
    :eek:utside:192.168.100.2/500"

    :As far as i know 169.254.126.114 is a MS proprietory IP, and i dont
    :know why this address is requesting a translation.

    169.254/16 is the network number that Microsoft and Mac OS X hosts
    uses when they attempt to DHCP and [for whatever reason] do not
    receive an answer; also, they may use it on rare occasions if
    static IP address configuration fails. Windows boxes have a tendancy
    to DHCP unexpectedly -- we get a noticable number of incidents in which
    Windows boxes with static IPs DHCP anyhow.

    Thus, what is -likely- happening is that some Windows host on your
    network was unable to get an IP and so assigned itself a random IP
    in the 169.254/16 range. Now the host is trying to form a VPN connection
    to 192.168.100.2.

    Likely your 'nat (inside)' statement lists only your real IP ranges
    instead of the (all too common) nat (inside) 1 0.0.0.0 0.0.0.0
    that people have a tendacy to use. Since the IP does not match
    any of your nat or static statements, the PIX refuses to let the
    packet out [which is what you want in this case!] It sounds like
    you have configured properly and that your PIX has reacted properly.
    --
    "Mathematics? I speak it like a native." -- Spike Milligan
    Walter Roberson, Apr 14, 2005
    #2
    1. Advertising

  3. hoser

    hoser Guest

    Thanks for the response, the problem we are having is to locate the
    box that is requesting the translation. I guess doig a sniffing will
    help at this situation.
    Thanks
    hoser, Apr 15, 2005
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. swsw
    Replies:
    3
    Views:
    1,422
    Walter Roberson
    Jul 28, 2005
  2. Sandi

    169.254.0.0 and Zone Alarm

    Sandi, Mar 12, 2005, in forum: Computer Security
    Replies:
    4
    Views:
    6,700
  3. ~~~ The Obelisk [7.13.86.42] ~~~
    Replies:
    0
    Views:
    392
    ~~~ The Obelisk [7.13.86.42] ~~~
    Sep 10, 2006
  4. =?Utf-8?B?R2F1cmFuZw==?=

    Wireless connection getting 169.254.xx ip after new installation

    =?Utf-8?B?R2F1cmFuZw==?=, Feb 11, 2007, in forum: Wireless Networking
    Replies:
    3
    Views:
    822
  5. Scooty
    Replies:
    0
    Views:
    1,665
    Scooty
    Mar 8, 2007
Loading...

Share This Page