ASA spoofing

egoodman2 — Fri, 21 Feb 2020 16:25:22 GMT

I have a rather stubborn occurrence. I keep getting:

Deny IP spoof from (10.87.88.1) to 10.141.36.60 on interface inside.

This is connected via VPN. 10.87.88.1 is the VPN Termination point. It is a site to site connection. The 10.141.36.60 is the laptop I am using. I am able to ping the other devices which are 10.87.88.2 - up. But I believe it is because of the IP spoof that this is not replying. I have spent three days off and on with this, and even have another engineer working on it with me. For some reason, the firewall thinks that when anything attempts to ping 10.87.88.1, the IP being pinged (or Cisco ASA inside interface) is a spoofed address. I have already tried to turn off unicast reverse path failure. And a myriad of things that this and other sites suggested. Anyone have thoughts on how to resolve. Also I cannot ping this device but I can ssh to it. I am hoping from someone with an "Oh yeah" moment, if not, I can see this post going deep.

Re: ASA spoofing

egoodman2 — Wed, 31 Oct 2018 19:37:00 GMT

One more thing, any persons posting KB articles wanting me to wade through infinite pages of irrelevant information need not post. I am a busy person, and if you are just guessing to get some kind of rating for your profile...don't. Thank you all.

Re: ASA spoofing

mirzauddin1295 — Tue, 19 Nov 2019 21:53:34 GMT

hi there, was this issue resolved? I am getting exactly same issue and not sure how to fix it.

topic Re: ASA spoofing in Network Security

ASA spoofing

Re: ASA spoofing

Re: ASA spoofing