cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


193
Views
0
Helpful
0
Replies
Beginner

ASA Deny UDP Reverse Path inside

Hello, 

 

I recenlty turned on the email logging feature. And I see a lot of ASA Alerts for Deny UDP reverse path from 169.254.x.x to 169.254.x.x to vlan(inside). Keep in mind, my level of experience is novice/noob.  

There are several of these within an hour and day. So far I have been able to list 12 different IP's 169.154.x.x and because we have 12 endpoints on our small network, I figured it was possibly a triggered DHCP request/Self Assigned IP process happening and forgets it has a static IP for a moment. 

What is the best action to take from discovering this? Understanding where this is coming from, why it is happening, and if it needs to be allowed nor not, create a rule or disable something on the firewall?

Should I ask the Sys Admin/Endpoint Admin check and validate settings for DHCP is turned off on the endpoints, check logs to verify and match up that 169.154.x.x is coming from the endpoint and should not?

 

Thanks!