Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
7844
Views
7
Helpful
1
Replies

Anti Spoofing

Amardeep Kumar
Level 1
Level 1

ā€Ž04-25-2011 06:48 AM - edited ā€Ž03-11-2019 01:25 PM

Hi

What is Anti Spoofing in ASA 5505. Can I enable it on ASA 5505. If yes , port will be inside or Outside. ? or both ?

Thanks

Amardeep

Labels:
0 Helpful
1 Reply 1

sean_evershed
Level 7
Level 7

ā€Ž04-25-2011 08:21 AM

Hi,

IP spoofing is a packet that uses an incorrect source IP address to obscure its true source.

The command ip verify reverse-path interface interface_name ensurres that all packets have a source IP address that matches the  correct source interface according to the routing table.

http://www.cisco.com/en/US/docs/security/asa/asa72/command/reference/i3_72.html

See below a configuration guide

http://www.cisco.com/web/about/security/intelligence/unicast-rpf.html

See below an example of it's use. If you think that attacks can come from both your internal and external networks then enable it on both interfaces.

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00809763ea.shtml

Please remember to rate all posts that are helpful.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card