Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
719
Views
0
Helpful
0
Replies

ASA Deny UDP Reverse Path inside

JaVa808
Level 1
Level 1

‎09-19-2019 10:10 AM

Hello, 

 

I recenlty turned on the email logging feature. And I see a lot of ASA Alerts for Deny UDP reverse path from 169.254.x.x to 169.254.x.x to vlan(inside). Keep in mind, my level of experience is novice/noob.  

There are several of these within an hour and day. So far I have been able to list 12 different IP's 169.154.x.x and because we have 12 endpoints on our small network, I figured it was possibly a triggered DHCP request/Self Assigned IP process happening and forgets it has a static IP for a moment. 

What is the best action to take from discovering this? Understanding where this is coming from, why it is happening, and if it needs to be allowed nor not, create a rule or disable something on the firewall?

Should I ask the Sys Admin/Endpoint Admin check and validate settings for DHCP is turned off on the endpoints, check logs to verify and match up that 169.154.x.x is coming from the endpoint and should not?

 

Thanks! 

 

Labels:
0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card