Cisco Pix 501 - reaching local host limit, showing odd IP addresses

Question

I am running out of licenses on my Pix 501, and the show local-host command lists a number of odd IP addresses that do not belong to my 10.10.1.* subnet. Any idea what they are? The only thing I could find was a potential ISP: DINSA is Defence Interoperable Network Services Authority, an agency of the Ministry of Defence of the United Kingdom. Does not sound right.

I don't see any active connections, though. I can't ping or traceroute these IPs, but they reappear after I clear the list, with various other addresses in that general range, up until the connection limit is reached. Based on the number denied, I suppose I would have a lot more of them had I not the connection limit. Very dubious. Is anybody else seeing this?

pixfirewall# show local-host
Interface inside: 10 active, 10 maximum active, **118 denied**
local host: <10.10.1.110>,
    TCP connection count/limit = 0/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 0/unlimited
  AAA:
  Xlate(s):
  Conn(s):

local host: <10.10.1.176>,
    TCP connection count/limit = 0/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 0/unlimited
  AAA:
  Xlate(s):
  Conn(s):

local host: <10.10.1.170>,
    TCP connection count/limit = 0/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 1/unlimited
  AAA:
  Xlate(s):
  Conn(s):


local host: <10.10.1.175>,
    TCP connection count/limit = 11/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 1/unlimited
  AAA:
  Xlate(s):
  Conn(s):

local host: <10.10.1.108>,
    TCP connection count/limit = 0/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 0/unlimited
  AAA:
  Xlate(s):
  Conn(s):

local host: <25.33.41.115>,   // ???????????????? what is this?
    TCP connection count/limit = 0/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 0/unlimited
  AAA:
  Xlate(s):
  Conn(s):

local host: <25.33.226.124>,   // ???????????????? what is this?
    TCP connection count/limit = 0/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 0/unlimited
  AAA:
  Xlate(s):
  Conn(s):

local host: <10.10.1.172>,
    TCP connection count/limit = 0/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 0/unlimited
  AAA:
  Xlate(s):
  Conn(s):

local host: <25.36.114.91>,     // ???????????????? what is this?
    TCP connection count/limit = 0/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 0/unlimited
  AAA:
  Xlate(s):
  Conn(s):

local host: <10.10.1.109>,
    TCP connection count/limit = 0/unlimited
    TCP embryonic count = 0
    TCP intercept watermark = unlimited
    UDP connection count/limit = 0/unlimited
  AAA:
  Xlate(s):
  Conn(s):

pixfirewall#

I have been experimenting a bit and turned off several devices, without a change. I still have a Lingo Voip DTA running that could be causing this (it is a British company after all), but that has been in my internal network for years without issue. It seems that these problems started when I got my Nexus One. It is always connected to the wireless network. I will see if these IP addresses disappear when the Nexus One is turned off. — cdonner, Jan 26 '10 at 02:32

score 1 · Accepted Answer · answered Jan 26 '10 at 14:04

1

It turns out that this is indeed caused by my Nexus One Android smartphone. I will move this question to the Android forum on Google.

answered Jan 26 '10 at 14:04

cdonner

381
1
5
14

Cisco Pix 501 - reaching local host limit, showing odd IP addresses

1 Answers1