https://community.cisco.com/t5/network-security/unicast-reverse-path-forwarding-anti-spoofing/m-p/1270246#M827674 <HTML><HEAD></HEAD><BODY><P>You can check your syslog for message 106021 and 106022</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/partner/docs/security/asa/asa80/system/message/logmsgs.html#wp4768997" target="_blank">http://www.cisco.com/en/US/partner/docs/security/asa/asa80/system/message/logmsgs.html#wp4768997</A></P><P></P><P>It will tell you the IP address but it won't help anything since it's a spoofing IP.</P><P></P><P></P></BODY></HTML> Wed, 26 Aug 2009 19:05:06 GMT Yudong Wu 2009-08-26T19:05:06Z https://community.cisco.com/t5/network-security/unicast-reverse-path-forwarding-anti-spoofing/m-p/1270245#M827662 <P>Hi guys,</P><P></P><P>I enabled Unicast RPF to protect my network of malicious traffic. How you can see on output of command "show ip verify statistics", show dropped packets on output interface and I would like to investigat to determine their source and whether the packets indicate attempts to circumvent network security. How I dont a security expert I would like so much help of yours, someone can help me?</P><P></P><P>FWASP01(config)# sh ip verify statistics</P><P>interface outside: 541 unicast rpf drops</P><P>interface inside: 0 unicast rpf drops</P> Mon, 11 Mar 2019 16:09:57 GMT https://community.cisco.com/t5/network-security/unicast-reverse-path-forwarding-anti-spoofing/m-p/1270245#M827662 rodrigo.cisco 2019-03-11T16:09:57Z https://community.cisco.com/t5/network-security/unicast-reverse-path-forwarding-anti-spoofing/m-p/1270246#M827674 <HTML><HEAD></HEAD><BODY><P>You can check your syslog for message 106021 and 106022</P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/partner/docs/security/asa/asa80/system/message/logmsgs.html#wp4768997" target="_blank">http://www.cisco.com/en/US/partner/docs/security/asa/asa80/system/message/logmsgs.html#wp4768997</A></P><P></P><P>It will tell you the IP address but it won't help anything since it's a spoofing IP.</P><P></P><P></P></BODY></HTML> Wed, 26 Aug 2009 19:05:06 GMT https://community.cisco.com/t5/network-security/unicast-reverse-path-forwarding-anti-spoofing/m-p/1270246#M827674 Yudong Wu 2009-08-26T19:05:06Z