Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
751
Views
0
Helpful
1
Replies

Unicast Reverse Path Forwarding - Anti-Spoofing

rodrigo.cisco
Level 4
Level 4

‎08-26-2009 07:57 AM - edited ‎03-11-2019 09:09 AM

Hi guys,

I enabled Unicast RPF to protect my network of malicious traffic. How you can see on output of command "show ip verify statistics", show dropped packets on output interface and I would like to investigat to determine their source and whether the packets indicate attempts to circumvent network security. How I dont a security expert I would like so much help of yours, someone can help me?

FWASP01(config)# sh ip verify statistics

interface outside: 541 unicast rpf drops

interface inside: 0 unicast rpf drops

Labels:
0 Helpful
1 Reply 1

Yudong Wu
Level 7
Level 7

‎08-26-2009 12:05 PM

You can check your syslog for message 106021 and 106022

http://www.cisco.com/en/US/partner/docs/security/asa/asa80/system/message/logmsgs.html#wp4768997

It will tell you the IP address but it won't help anything since it's a spoofing IP.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card