Spoof Attack from known IP

Unanswered Question
Nov 3rd, 2014
User Badges:

Hello,

 

I hope this is in the right section, I am sorry if it's not.

 

I have been having some trouble getting an L2L VPN working between two exactly the same Cisco ASA5505s. Now it's only the VPN between these two particular sites, as the VPNs work fine between the other ASA5505 without any issues. 

Both ASAs are running 9.2 version. There is an existing VPN connection from both of these ASAs to another site, both work fine, just not from this site back to remote office. 

When I look at the log of the remote ASA, it says that my local ASA's IP has been seen as a spoofed IP and thus the connection denied. What could this be and how can I get around this? I do not have any IPS modules on either sites. 

 

2 Nov 03 2014 10:03:17 Deny IP spoof from (86.x.x.x) to 81.x.x.x on interface outside

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Koh Chin Han Mon, 11/03/2014 - 13:12
User Badges:

Did you implement the same IP address on two ports of different ASA,

You may want to paste your config for both ASA for us to take a look.

Actions

This Discussion