I have two ASAs connected together, one with an IPS module and the other with an AntiX module. The inside interface of the first one is connected to the outside of the second one.
The first one has a default route to the ISP ("internet") and the second has a default route to the first one. I don't do static in the first one because all IPs are public, and I run ver 7.2 on both ASAs so all my ASAs will work like a router. Well, my problem is the second ASA cannot get access to the internet. When I open the logging in the first ASA I can see that the first ASA denies the second ASA by saying:
"%ASA-2-106017: Deny IP due to Land Attack from xx.xx.xx.66 to xx.xx.xx.66"
When I remove the second one and put my laptop with the same IP address I can connect to the internet, but when I put the second ASA I cannot, so I know there is a special configuration when you connect two ASAs to work together.
I tried to go through the configurations, but without IP addresses it is difficult.
The syslog message 2-106017 means that the security appliance received a packet with the IP source address equal to the IP destination, and the destination port equal to the source port. This message indicates a spoofed packet that is designed to attack systems. Please confirm that you don't have the same IP addresses on the firewalls, and also include a permit icmp any any on line 1 of the access-list OUTSIDE_IN in the first ASA and then try to ping first the outside interface of the secondary PIX. If that works, then try to ping 126.96.36.199 and turn on debug icmp trace on both firewalls and look at the output.
Then I know what the message 2-106017 means, but I want to inform you that the IP I get in this message was the IP of the second ASA-AntiX,
so I know there is no spoof attack, it is just a false positive alarm. But about the real IP address, I cannot give it. You know, friend, there are so many people reading the site, so I cannot post my real IP even if I secured my network very well. Whatever, thanks for your help, friend.
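The check asked for in the reply above (does the address in the 106017 message belong to one of your own firewalls?), as an added example that is not part of the original thread. The function name, the sample log lines, the documentation-range addresses and the interface inventory are all constructed assumptions.

```python
import re
from collections import Counter

# Matches the 106017 message text quoted in the thread (IPv4 only).
LAND_RE = re.compile(
    r"%ASA-2-106017: Deny IP due to Land Attack from "
    r"(\d{1,3}(?:\.\d{1,3}){3}) to (\d{1,3}(?:\.\d{1,3}){3})"
)

def triage_land_events(lines, own_addresses):
    """Count 106017 events per address and mark addresses found in our inventory."""
    counts = Counter()
    for line in lines:
        m = LAND_RE.search(line)
        if not m:
            continue  # some other syslog message
        src, dst = m.groups()
        if src != dst:
            continue  # not the source == destination case; skip rather than guess
        counts[src] += 1
    report = []
    for addr, n in counts.most_common():
        owner = own_addresses.get(addr)
        report.append({"address": addr, "count": n,
                       "owner": owner, "own_device": owner is not None})
    return report

# Constructed sample input: syslog lines as the first ASA might record them.
SAMPLE_LOG = [
    "Mar 01 10:15:01 fw1 %ASA-2-106017: Deny IP due to Land Attack from 192.0.2.66 to 192.0.2.66",
    "Mar 01 10:15:02 fw1 %ASA-4-106023: Deny tcp src outside:203.0.113.9/4431 dst inside:192.0.2.70/22",
    "Mar 01 10:15:03 fw1 %ASA-2-106017: Deny IP due to Land Attack from 192.0.2.66 to 192.0.2.66",
    "Mar 01 10:15:09 fw1 %ASA-2-106017: Deny IP due to Land Attack from 198.51.100.7 to 198.51.100.7",
    "Mar 01 10:15:11 fw1 %ASA-2-106017: Deny IP due to Land Attack from 192.0.2.66 to 192.0.2.66",
]

# Constructed inventory: interface addresses configured on our own firewalls.
OWN_ADDRESSES = {
    "192.0.2.65": "first ASA, inside interface",
    "192.0.2.66": "second ASA, outside interface",
}

if __name__ == "__main__":
    for row in triage_land_events(SAMPLE_LOG, OWN_ADDRESSES):
        tag = "own device: " + row["owner"] if row["own_device"] else "not in inventory"
        print(f'{row["address"]:>15}  x{row["count"]}  {tag}')
```

An address that resolves to one of your own interfaces points the investigation at addressing and routing between the two firewalls, which is what the reply asks to be confirmed first.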