cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
479
Views
0
Helpful
1
Replies

ENABLE IP SPOOFING FROM INSIDE TO DMZ

Hi all,

         There is my issue. I have a PIX 515, an Orion Monitoring server, and a Syslog server. The Pix sends its log to the syslog server. I need to enable IP spoofing in the PIX, so my syslog server is able to send log back to the  Orion server. The syslog server is in the inside interface, spoof is enable in the inside interface. However, I keep getting deny from the firewall. I did add an ACL to permit ip from the syslog server to the orion server. The orion server is in a DMZ which also have an ACL to permit ip traffic between the two servers.

output from the firewall returns: deny ip spoof from the inside interface.

Any idea will be appreciate,

Thanks,

Crazy

1 Reply 1

terrygwazdosky
Level 1
Level 1

Spoofing alerts indicate that there is no route for the IP in question associated with the interface it is seen on.  If you do have a route for it, it might be an asynchronous routing issue.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: