
disable Spoof detection Inside

dmooreami
Level 3

Have a PIX 515E in lab running 7.0x code. It is flooding me with IP spoof messages. How do I disable IP spoof detection on the inside interface? The addresses it claims are being spoofed are GRE tunnel endpoints that need to pass thru the PIX.

I have this config running in production and don't get any spoof messages.

Thanks

2 Replies

suschoud
Cisco Employee

Run:

sh run | in ip verify

You should see:

ip verify reverse-path interface inside

Do a "no"...

no ip verify reverse-path interface inside

If this does not help, maybe you can post the exact log message.

Regards,

Sushil

Had spoof off on the interfaces, there was no ip verify reverse-path.

OK, here was the problem: I had static routes on the PIX that pointed to subnets on the inside that were not present on my lab router.

For example, I had a route to 192.168.99.7 but no 192.168.99.0/24 subnet. I created a loopback interface with that subnet and the spoofs that the PIX was reporting to 99.7 went away.

Seems a guy in another thread had a similar problem, but he didn't have a default route set for his outside interface.

Once I went into my lab router and created loopbacks with the 3 subnets that were being spoofed, all spoof attacking ceased.
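
A way to check for the mismatch described in the post above before it shows up as spoof messages, as an added example that is not part of the original thread: the script lists PIX inside routes whose destination is not covered by any connected subnet or non-default static route on the inside router. Both configs are constructed samples; only 192.168.99.7 and 192.168.99.0/24 come from the post, and the gateway addresses, interface names and other subnets are assumptions.

```python
import ipaddress

# Constructed sample configs. Only 192.168.99.7 is taken from the thread;
# every other address, gateway and interface name is an assumption.
PIX_CONFIG = """\
route outside 0.0.0.0 0.0.0.0 203.0.113.1 1
route inside 192.168.99.7 255.255.255.255 10.1.1.2 1
route inside 192.168.50.0 255.255.255.0 10.1.1.2 1
route inside 172.16.20.0 255.255.255.0 10.1.1.2 1
"""

ROUTER_CONFIG = """\
interface FastEthernet0/0
 ip address 10.1.1.2 255.255.255.0
interface Loopback50
 ip address 192.168.50.1 255.255.255.0
ip route 172.16.0.0 255.255.0.0 10.9.9.9
ip route 0.0.0.0 0.0.0.0 10.1.1.1
"""

def pix_routes(config, interface):
    """Networks from PIX `route <interface> <dest> <mask> <gw> ...` lines."""
    nets = []
    for line in config.splitlines():
        f = line.split()
        if len(f) >= 5 and f[0] == "route" and f[1] == interface:
            nets.append(ipaddress.ip_network(f"{f[2]}/{f[3]}", strict=False))
    return nets

def router_networks(config):
    """Connected subnets and static routes the inside router knows about."""
    nets = []
    for line in config.splitlines():
        f = line.split()
        if f[:2] == ["ip", "address"] and len(f) >= 4:      # skips `ip address dhcp`
            nets.append(ipaddress.ip_interface(f"{f[2]}/{f[3]}").network)
        elif f[:2] == ["ip", "route"] and len(f) >= 5:
            nets.append(ipaddress.ip_network(f"{f[2]}/{f[3]}", strict=False))
    # Assumption: a default route does not count as the router hosting a subnet.
    return [n for n in nets if n.prefixlen > 0]

def unbacked_routes(pix_config, router_config, interface="inside"):
    """PIX routes on `interface` that no router network covers."""
    known = router_networks(router_config)
    return [r for r in pix_routes(pix_config, interface)
            if not any(r.subnet_of(k) for k in known)]

if __name__ == "__main__":
    for net in unbacked_routes(PIX_CONFIG, ROUTER_CONFIG):
        print(f"PIX inside route {net} has no matching subnet on the router")
```
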
