Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)

"UDP FLOODING" MESSAGE WHEN ACCESSING WEB SERVER HOSTED IN LAN FROM INSIDE

Hi ,

I have a query.I have hosted a server in the Inside zone of the ASA firewall.Whenever i try to access the url from inside i find the packet getting blocked by the firewall throwing an error "UDP flooding".After which i added a proxy and then when accessed the same was working fine.Can i not achieve the requirement without adding a proxy.I am sure there should be some command in ASA which should help me avoid UDP flooding when accessing the url from inside.Kindly suggest.

Regards,

Jkannan

3 REPLIES
New Member

Re: "UDP FLOODING" MESSAGE WHEN ACCESSING WEB SERVER HOSTED IN L

I would suggest you look at the rules governing access from the inside to the DMZ and vice versa. What you have stated suggests that the proxy is allowed through but the other machine is not.

Re: "UDP FLOODING" MESSAGE WHEN ACCESSING WEB SERVER HOSTED IN L

Hi,

There is no dmz in this case.The firewall is enabled for only Inside to Outside Internet access and also is configured for port forwaring features to access certain servers from outside. Am sure there should be some cli based command to stop the udp flooding.Please help..

regards..Jkannan

Re: "UDP FLOODING" MESSAGE WHEN ACCESSING WEB SERVER HOSTED IN L

Hi ,

Kindly suggest on the above.

Is this a problem because of the sysopt noproxyarp functionality.The output of the present show run sysopt is as mentioned below.

Should i apply no sysopt nopproxyarp outside command, so that the inside users can access the webserver hosted in the inside using the url directly.

# show run sysopt

no sysopt connection timewait

sysopt connection tcpmss 1380

sysopt connection tcpmss minimum 0

no sysopt nodnsalias inbound

no sysopt nodnsalias outbound

no sysopt radius ignore-secret

sysopt connection permit-vpn

regards...Jkannan

138
Views
0
Helpful
3
Replies
CreatePlease to create content