Syslog ASA-2-106017 HOW ?

lowfell · ‎06-24-2008

I have the following configuration.

Webserver 10.*.*.* Nats to 209.*.*.* on ASA 5510

Have ports opened inside & outside on the ASA for the relevant Webserver access.

when the connection is attempted from the outside world the connection half works, that it gives a login page, once you enter the correct credentials it eventually gives the wrong page from the database. At this time I always see the following syslog message

%PIX|ASA-2-106017: Deny IP due to Land Attack from IP_address to

IP_address(where the IP address is my public address)

As far as I can see I would say anti spoofing IS NOT configured on this firewall there is no

ip verify reverse-path command

in my config & as far as I can see no service policies implemented apart from defaults.

Any ideas ?

hadbou · ‎06-29-2008

I have the following configuration. Webserver 10.*.*.* Nats to 209.*.*.* on ASA 5510 Have ports opened inside & outside on the ASA for the relevant Webserver access. when the connection is attempted from the outside world the connection half works, that it gives a login page, once you enter the correct credentials it eventually gives the wrong page from the database. At this time I always see the following syslog message %PIX|ASA-2-106017: Deny IP due to Land Attack from IP_address to IP_address(where the IP address is my public address) As far as I can see I would say anti spoofing IS NOT configured on this firewall there is no ip verify reverse-path command in my config & as far as I can see no service policies implemented apart from defaults. Any ideas ?