Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Spoof Attack from known IP

Hello,

 

I hope this is in the right section, I am sorry if it's not.

 

I have been having some trouble getting an L2L VPN working between two exactly the same Cisco ASA5505s. Now it's only the VPN between these two particular sites, as the VPNs work fine between the other ASA5505 without any issues. 

Both ASAs are running 9.2 version. There is an existing VPN connection from both of these ASAs to another site, both work fine, just not from this site back to remote office. 

When I look at the log of the remote ASA, it says that my local ASA's IP has been seen as a spoofed IP and thus the connection denied. What could this be and how can I get around this? I do not have any IPS modules on either sites. 

 

2 Nov 03 2014 10:03:17 Deny IP spoof from (86.x.x.x) to 81.x.x.x on interface outside

Everyone's tags (2)
1 REPLY
Community Member

Did you implement the same IP

Did you implement the same IP address on two ports of different ASA,

You may want to paste your config for both ASA for us to take a look.

119
Views
0
Helpful
1
Replies
CreatePlease to create content