https://community.cisco.com/t5/network-security/allow-land-attack/m-p/614469#M92084 <P>Hi,</P><P></P><P>I have a Cisco ASA 5510 and couple of webservers behind it. For some specific applications, those webservers call the website hosted on the same box. </P><P></P><P>The appliance sees that as a Land Attack and gives the following error:</P><P></P><P>Deny IP due to Land Attack from a.b.c.d to a.b.c.d</P><P></P><P>Is there any way I can disable this? I tried disabling Anti-spoofing in ASDM but no luck.</P><P></P><P>Your inputs greatly appreciated.</P><P>Thx in advance.</P><P></P><P>-Janakan</P> Sun, 10 Mar 2019 10:17:01 GMT rjanakan 2019-03-10T10:17:01Z https://community.cisco.com/t5/network-security/allow-land-attack/m-p/614469#M92084 <P>Hi,</P><P></P><P>I have a Cisco ASA 5510 and couple of webservers behind it. For some specific applications, those webservers call the website hosted on the same box. </P><P></P><P>The appliance sees that as a Land Attack and gives the following error:</P><P></P><P>Deny IP due to Land Attack from a.b.c.d to a.b.c.d</P><P></P><P>Is there any way I can disable this? I tried disabling Anti-spoofing in ASDM but no luck.</P><P></P><P>Your inputs greatly appreciated.</P><P>Thx in advance.</P><P></P><P>-Janakan</P> Sun, 10 Mar 2019 10:17:01 GMT https://community.cisco.com/t5/network-security/allow-land-attack/m-p/614469#M92084 rjanakan 2019-03-10T10:17:01Z https://community.cisco.com/t5/network-security/allow-land-attack/m-p/614470#M92088 <HTML><HEAD></HEAD><BODY><P>This message appears when the firewall receives a packet with the IP source address equal to the IP destination, and the </P><P>destination port equal to the source port.It is due to spoofing.Use Access-lists to prevent from and to the same address.</P></BODY></HTML> Fri, 20 Oct 2006 20:49:14 GMT https://community.cisco.com/t5/network-security/allow-land-attack/m-p/614470#M92088 irisrios 2006-10-20T20:49:14Z https://community.cisco.com/t5/network-security/allow-land-attack/m-p/614471#M92091 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>Thanks for the reply. Well, yea I'm receiving Land Attack because the application I run on my webserver calls it's own URL.(There is a work around by changing the URL with localhost or giving private IP). However, it would take sometime to make the code change. So, for timebeing I'd like to disable land attack and would liek to allow the traffic from a packet whose source/destination IP and port numbers are same.</P><P></P><P>-Janakan</P></BODY></HTML> Sat, 21 Oct 2006 10:19:30 GMT https://community.cisco.com/t5/network-security/allow-land-attack/m-p/614471#M92091 rjanakan 2006-10-21T10:19:30Z