Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Deny UDP Reverse Path

Dear expert,

When we turn on the syslog, we see a lot of messages as "%PIX-1-106021: Deny UDP reverse path check from 192.168.0.208 to 10.17.18.150 on interface inside". Is there any explanation for this ?

  • Other Security Subjects
1 REPLY
Gold

Re: Deny UDP Reverse Path

Reverse path check is used when is packet comes from network behind interface and this network is not in firewalls routing table...its antispoofing feature... What is 192.168.0.0 range in your network???? If you dont have such network it could be some machine in your "legal" network with 2 networks card and second is addressed with 192.168.0.208 (and routing is not properly configured) - its could be explanation how 192.168. network could appear on your firewall

M.

Hope that helps, rate if it does

201
Views
0
Helpful
1
Replies
This widget could not be displayed.