Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ENABLE IP SPOOFING FROM INSIDE TO DMZ

Hi all,

         There is my issue. I have a PIX 515, an Orion Monitoring server, and a Syslog server. The Pix sends its log to the syslog server. I need to enable IP spoofing in the PIX, so my syslog server is able to send log back to the  Orion server. The syslog server is in the inside interface, spoof is enable in the inside interface. However, I keep getting deny from the firewall. I did add an ACL to permit ip from the syslog server to the orion server. The orion server is in a DMZ which also have an ACL to permit ip traffic between the two servers.

output from the firewall returns: deny ip spoof from the inside interface.

Any idea will be appreciate,

Thanks,

Crazy

1 REPLY
New Member

Re: ENABLE IP SPOOFING FROM INSIDE TO DMZ

Spoofing alerts indicate that there is no route for the IP in question associated with the interface it is seen on.  If you do have a route for it, it might be an asynchronous routing issue.

287
Views
0
Helpful
1
Replies
CreatePlease to create content