Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
963
Views
0
Helpful
6
Replies

Strange GRE reverce path check error

Bernard Magny
Level 1
Level 1

‎02-02-2009 04:42 AM - edited ‎03-06-2019 03:48 AM

Hello,

On one of my inside interface I constantly get this error:

Deny GRE reverse path check from 90.53.3.2 to 90.53.3.1 on interface Operations

I'm having difficulties finding out where it comes from.

we don't have any IPs in that range on the inside of the network. It must be some kind of server with a bad configuration. I can't find the source IP in the ARP table of the switch.

I was wondering if someone can guide me in the right direction to find out what device is doing this.

Thanks

Labels:
0 Helpful
6 Replies 6

passioncas
Level 1
Level 1

‎02-02-2009 04:53 AM

hi..

Please let me know the GRE interface IP address.Assume that the GRE Tunnel has been configured over internet.Then it can be an IP address configured on the GRE interface

Please let me know

0 Helpful

Bernard Magny
Level 1
Level 1
In response to passioncas

‎02-02-2009 04:56 AM

I have no GRE tunnel configured.

The outside ip is 83.244.220.82

0 Helpful

passioncas
Level 1
Level 1
In response to Bernard Magny

‎02-02-2009 05:17 AM

Hi

Hope you are getting this error on the Switch.request you to share the configuration of the Switch

Regards

0 Helpful

Bernard Magny
Level 1
Level 1
In response to passioncas

‎02-02-2009 05:19 AM

I don't understand? this is on a ASA device.

0 Helpful

passioncas
Level 1
Level 1
In response to Bernard Magny

‎02-02-2009 05:29 AM

Okay.

This is a spoofed attack and are getting blocked as Reverse path Checking has been enabled on ASA.Nothing to do with this as this is getting blocked by the ASA.Any query please refer the below link

http://www.cisco.com/en/US/docs/security/asa/asa72/system/message/logmsgs.html#wp1279897 and check the error number 106021

hope to help

0 Helpful

Bernard Magny
Level 1
Level 1
In response to passioncas

‎02-02-2009 06:39 AM

I understand this, but it's on the inside of my network. So I would like to find a way to find what host is doing this.

Thanks

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card