Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Finding a non routable IP on the network

Morning

I came into work this morning to find our primary ASA Firewall spamming reverse path check errors from a RFC1918 DHCP address port scanning through all the ranges in the RFC1918 DHCP address space, source of 169.254.98.168.   My hunch is someone has a virtual machine that is mis-configured.  This IP isn't a valid IP on our network and certainly isn't specifically in our routing table however due to gateway of last resort its being deposited onto our firewall.

My question is, is there a way to track this IP back to its source switch/interface?  It doesn't appear in routing tables or arp tables.  Its not really hurting anything, its just terribly annoying.

*

thanks

e-

2 REPLIES

Re: Finding a non routable IP on the network

You could try to put yourself on that same subnet, ping the device, check the arp tables on the switch to find the mac and then find the mac address in the table to find the port that it's connected to......

HTH,

John

HTH, John *** Please rate all useful posts ***
New Member

Re: Finding a non routable IP on the network

I'm doing that very thing right now, however there are many subnets so its going to take some time.

e-

167
Views
0
Helpful
2
Replies