Cisco Support Community
New Member

debugging a link local issue

I'm getting a ton of link local reverse path errors on my inside interface on my ASA

1 Dec 30 2013 08:01:33 Deny UDP reverse path check from to on interface inside

Where should I start to hunt down this address? I know it's a factitious local address, however, is there a way I can track it down? Can I snag the MAC address where it's coming from somewhere if I do more debugging? Perhaps running a Wireshark is where I should start?

Super Bronze

You could configure a capture on the ASA

For example

access-list CAPTURE permit ip any any

capture CAPTURE type raw-data access-list CAPTURE interface inside buffer 10000000 circular-buffer

Change the buffer size if you need to.

You can then view if the capture has captured any traffic with the command

show capture

You can view the actual capture contents with the command

show capture CAPTURE

But you should probably copy the capture to some host with TFTP and view it with Wireshark. You should be able to check the MAC address of the hosts from the capture file. Seems to me like you have hosts that are unable to get an IP address with DHCP if they are using the above type of IP addresses.

You can copy the capture contents with the command

copy /pcap capture:CAPTURE tftp://x.x.x.x/CAPTURE.pcap

You can remove the capture (and its data) with the command

no capture CAPTURE

You will have to remove the ACL separately.

Hope this helps

- Jouni

New Member

Sweet, didn't know I could do a pcap capture on the ASA! Thanks.
