Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

PIX keeps logging spoof errors, indicating possible attack or asymmetric routing

Core issue

This can be caused by asymmetric routing or an IP spoof attack.

Resolution

Make sure that the PIX does not have multiple paths that the device may be reached through. If it is not an asymmetric routing issue, then the PIX may be under attack by an IP spoofer.

To stop this type of attack, try the following steps.

  1. Configure an access list on the interface under attack to block the IP address.

2.   Configure the ip verify reverse-path feature.

3.   Contact your ISP and have them block that IP address.

Version history
Revision #:
1 of 1
Last update:
‎06-18-2009 03:50 PM
Updated by:
 
Labels (1)