cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
28278
Views
5
Helpful
4
Replies

Deny UDP reverse path check from ....

cascolibre
Level 1
Level 1

%ASA-1-106021: Deny UDP reverse path check from 172.19.60.219 to 172.19.60.255 on interface outside

I have seen this syslog messages, when i connect with vpnclient.172.19.60.0/24 is my inside.

How can i solve that issue,

casco

4 Replies 4

m.sir
Level 7
Level 7

It means that outside interface recieved packet from network that is NOT in firewall routing table...

Its enabled with command

ip verify reverse-path interface outside

You can disable this feature with command

no ip verify reverse-path interface outside

Do you know what is 172.19.60.x network???

M.

Hope that helsp rate if it does

Thks.

172.19.60.x is my inside network block.

But there is no route from inside to outside already.

stalin_cisco
Level 1
Level 1


Hi Friends,

I'm also getting this logs on my ASA firewall,

%ASA-1-106021: Deny UDP reverse path check from 10.67.3.113 to 10.67.254.66 on interface inside

Both Ip address are not in my network... Please help me how i can trace the IP address ?

Thank you,

Regards,

Stalin P

Haitham Jaradat
Cisco Employee
Cisco Employee

Can you share the following information:

1. NAT configuration.

2. interface configuration.

3. VPN client pool used.

4. routing table from the ASA.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: