Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Deny UDP reverse path check from

I Got This so much log forn my cisco asa

Deny UDP reverse path check from to on interface outside is in my inside interface <-- i dont know where, not in my enterprise LAN

what cause this log ?

how to overcome ?

New Member

Deny UDP reverse path check from

Hi Ibrahim,

The ASA is just reporting that you are receiving a packet on an interface where it shouldn't be received, based on the routing table.

So if is on your Inside it is expected for the ASA to display that message if you are getting a pcket with that source IP address on the Outside interface.

You would need to troubleshoot here why those packets are being received on the Outside in the first place. You can set some captures on the ASA Outside interface and then check the source MAC address in the packet in order to have a clue about from what kind of device you are receiving those packets.

If troubleshooting this gets complicated at the moment you can remove the following command from the ASA and you won't see those logs anymore:

ip verify reverse-path interface outside

This is the command that enables the RPF check on the ASA.

I hope it helps!

CreatePlease to create content