Firewall – Cisco Pix 501 – reaching local host limit, showing odd IP addresses

cisco-pixfirewall

I am running out of licenses on my Pix 501, and the show local-host command lists a number of odd IP addresses that do not belong to my 10.10.1.* subnet. Any idea what they are? The only thing I could find was a potential ISP: DINSA is Defence Interoperable Network Services Authority, an agency of the Ministry of Defence of the United Kingdom. Does not sound right.

I don't see any active connections, though. I can't ping or traceroute these IPs, but they reappear after I clear the list, with various other addresses in that general range, up until the connection limit is reached. Based on the number denied, I suppose I would have a lot more of them had I not the connection limit. Very dubious. Is anybody else seeing this?

pixfirewall# show local-host
Interface inside: 10 active, 10 maximum active, **118 denied**
local host: <10.10.1.110>,
    TCP connection count/limit = 0/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 0/unlimited
  AAA:
  Xlate(s):
  Conn(s):

local host: <10.10.1.176>,
    TCP connection count/limit = 0/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 0/unlimited
  AAA:
  Xlate(s):
  Conn(s):

local host: <10.10.1.170>,
    TCP connection count/limit = 0/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 1/unlimited
  AAA:
  Xlate(s):
  Conn(s):


local host: <10.10.1.175>,
    TCP connection count/limit = 11/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 1/unlimited
  AAA:
  Xlate(s):
  Conn(s):

local host: <10.10.1.108>,
    TCP connection count/limit = 0/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 0/unlimited
  AAA:
  Xlate(s):
  Conn(s):

local host: <25.33.41.115>,   // ???????????????? what is this?
    TCP connection count/limit = 0/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 0/unlimited
  AAA:
  Xlate(s):
  Conn(s):

local host: <25.33.226.124>,   // ???????????????? what is this?
    TCP connection count/limit = 0/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 0/unlimited
  AAA:
  Xlate(s):
  Conn(s):

local host: <10.10.1.172>,
    TCP connection count/limit = 0/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 0/unlimited
  AAA:
  Xlate(s):
  Conn(s):

local host: <25.36.114.91>,     // ???????????????? what is this?
    TCP connection count/limit = 0/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 0/unlimited
  AAA:
  Xlate(s):
  Conn(s):

local host: <10.10.1.109>,
    TCP connection count/limit = 0/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 0/unlimited
  AAA:
  Xlate(s):
  Conn(s):

pixfirewall#

Best Answer

It turns out that this is indeed caused by my Nexus One Android smartphone. I will move this question to the Android forum on Google.

Related Topic