Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Error Message : Drop-reason: (ipsec-spoof) IPSEC Spoof detected

Hi,

When i run a Packet tracer in PIX, getting a below output:

Result:

input-interface: outside_interface

input-status: up

input-line-status: up

output-interface: mpls_interface

output-status: up

output-line-status: up

Action: drop

Drop-reason: (ipsec-spoof) IPSEC Spoof detected

Please help me to fix this issue.

1 REPLY
Super Bronze

Error Message : Drop-reason: (ipsec-spoof) IPSEC Spoof detected

Hi,

To my understanding you are trying to emulate VPN/Encrypted traffic from the PIX firewalls outside interface and therefore the PIX drops the traffic (because its supposed to be encrypted traffic arriving on a VPN connection to the PIX)

If you are testing a L2L VPN connection on the PIX, do the test in the other direction. From IN -> OUT

This should already bring the VPN tunnel up even though no actual traffic is generated to the tunnel.

- Jouni

1050
Views
0
Helpful
1
Replies
CreatePlease to create content