Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Unicast Reverse Path Forwarding - Anti-Spoofing

Hi guys,

I enabled Unicast RPF to protect my network of malicious traffic. How you can see on output of command "show ip verify statistics", show dropped packets on output interface and I would like to investigat to determine their source and whether the packets indicate attempts to circumvent network security. How I dont a security expert I would like so much help of yours, someone can help me?

FWASP01(config)# sh ip verify statistics

interface outside: 541 unicast rpf drops

interface inside: 0 unicast rpf drops

1 REPLY

Re: Unicast Reverse Path Forwarding - Anti-Spoofing

You can check your syslog for message 106021 and 106022

http://www.cisco.com/en/US/partner/docs/security/asa/asa80/system/message/logmsgs.html#wp4768997

It will tell you the IP address but it won't help anything since it's a spoofing IP.

538
Views
0
Helpful
1
Replies
CreatePlease to create content