
Deny UDP reverse path check from

superlubis
Level 1

I get so many of these logs from my Cisco ASA:

Deny UDP reverse path check from 172.16.38.114 to 192.168.2.1 on interface outside

172.16.38.114 is on my inside interface.

192.168.2.1 <-- I don't know where this is; it is not in my enterprise LAN.

What causes this log?

How do I overcome it?

1 Reply

josecalv
Level 1

Hi Ibrahim,

The ASA is just reporting that you are receiving a packet on an interface where it shouldn't be received, based on the routing table.

So if 172.16.38.114 is on your Inside, it is expected for the ASA to display that message if you are getting a packet with that source IP address on the Outside interface.

You would need to troubleshoot here why those packets are being received on the Outside in the first place. You can set some captures on the ASA Outside interface and then check the source MAC address in the packet in order to have a clue about what kind of device you are receiving those packets from.

If troubleshooting this gets complicated at the moment you can remove the following command from the ASA and you won't see those logs anymore:

ip verify reverse-path interface outside

This is the command that enables the RPF check on the ASA.

I hope it helps!
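
Added example (not part of the original thread and not Cisco code): a Python model of the reverse path check the reply describes, run over log lines in the format quoted in the question, to show why a source routed via the inside is denied when it arrives on the outside. The routing table prefixes, the second source address and the function names are assumptions made for illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed routing table (assumption): prefix -> interface used to reach it.
ROUTES = {"172.16.0.0/16": "inside", "0.0.0.0/0": "outside"}

# Constructed sample lines in the message format quoted in the question.
SAMPLE_LOGS = [
    "Deny UDP reverse path check from 172.16.38.114 to 192.168.2.1 on interface outside",
    "Deny UDP reverse path check from 172.16.38.114 to 192.168.2.1 on interface outside",
    "Deny TCP reverse path check from 172.16.40.7 to 192.168.2.1 on interface outside",
]

LOG_RE = re.compile(
    r"Deny (?P<proto>\S+) reverse path check from (?P<src>\S+) "
    r"to (?P<dst>\S+) on interface (?P<ifc>\S+)"
)

def route_interface(ip, routes=ROUTES):
    """Longest-prefix match: the interface the routing table uses to reach ip."""
    addr = ipaddress.ip_address(ip)
    nets = [(ipaddress.ip_network(p), ifc) for p, ifc in routes.items()]
    hits = [(net, ifc) for net, ifc in nets if addr in net]
    if not hits:
        return None  # no route back to the source at all
    return max(hits, key=lambda h: h[0].prefixlen)[1]

def rpf_pass(src_ip, arrival_ifc, routes=ROUTES):
    """The check passes only if the route back to the source uses the arrival interface."""
    return route_interface(src_ip, routes) == arrival_ifc

def summarize(lines, routes=ROUTES):
    """Count denied flows as (source, destination, arrival interface, expected interface)."""
    counts = Counter()
    for line in lines:
        m = LOG_RE.search(line)
        if m:
            expected = route_interface(m["src"], routes)
            counts[(m["src"], m["dst"], m["ifc"], expected)] += 1
    return counts

if __name__ == "__main__":
    for (src, dst, ifc, expected), n in summarize(SAMPLE_LOGS).most_common():
        print(f"{n}x {src} -> {dst}: arrived on {ifc}, routing table expects {expected}")
```

Grouping the denies by source and arrival interface shows which inside addresses keep appearing on the outside, which narrows where to place the capture the reply suggests.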


