Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Deny IP due to Land Attack from IP_address to IP_address

Dear all,

Urgently need help as I tried many ways but still can't solve this issue.

Appreciate it if you guys can help me. Thanks!

Refer the attached files as my settings in Cisco ASDM 7.4 for ASA.

Did my settings in NAT and ACL configure wrongly?

This is the result that I get as below:

%ASA-2-106017: Deny IP due to Land Attack from IP_address to IP_address

Do you guys have any solution for the issue that I faced?

Much appreciated.

Thank you!

Regards,

Menning

2 REPLIES

Hi,

Hi,

The below link (discussion) may provide some info..

https://supportforums.cisco.com/discussion/11316511/asa-land-attack-and-nat-config

Thx

MS

Cisco Employee

Hi,

Hi,

ASA would drop the packets if the source and destination IP are the same.

So this is expected.

To know why this is happening we need to take packet captures on all the ASA interfaces.

To identify which device is generating this traffic, I would like to suggest you applying packet captures as follow:

 access-list cap permit ip host <IP address in the syslog> host <ip address in the syslog>

Capture cap access-list cap interface outside

Capture cap1 access-list cap interface <>

cap cap type asp-drop all buffer 3000000 circular-buffer

Use captures on all the interfaces matching the same access-list and share with us.

Regards,

Aditya

Please rate helpful and mark correct answers

46
Views
0
Helpful
2
Replies
CreatePlease login to create content