I have a Cisco firewall that is logging the following SYSLOG (about 15 per second):
Denied ICMP type=3, from laddr 10.1.72.30 on interface Inside539 to 220.127.116.11: no matching session
The destination IP of 18.104.22.168 varies, but the source is always the same. I have found that the customer has SolarWinds installed on this host. Why would the firewall be blocking OUTBOUND packets when I have an outbound ACL (applied to Inside539 interface)?
access-list Inside539_access_in extended permit ip 10.1.72.0 255.255.255.0 any