Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

Can the PIX/ASA Firewall block IP spoof attacks?

Resolution

Yes. To enable the antispoofing feature on the PIX Firewall, issue the ip verify reverse-path interface int_name command.

Note: This feature requires that all internal networks have routes to them on the PIX, and that a default route is also set. An example is shown below.

ip verify reverse-path interface outside

1729
Views
0
Helpful
0
Comments