Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
7103
Views
6
Helpful
1
Replies

Anti Spoofing

Amardeep Kumar
Level 1
Level 1

ā€Ž04-25-2011 06:48 AM - edited ā€Ž03-11-2019 01:25 PM

Hi

What is Anti Spoofing in ASA 5505. Can I enable it on ASA 5505. If yes , port will be inside or Outside. ? or both ?

Thanks

Amardeep

Labels:
0 Helpful
1 Reply 1

sean_evershed
Level 7
Level 7

ā€Ž04-25-2011 08:21 AM

Hi,

IP spoofing is a packet that uses an incorrect source IP address to obscure its true source.

The command ip verify reverse-path interface interface_name ensurres that all packets have a source IP address that matches the  correct source interface according to the routing table.

http://www.cisco.com/en/US/docs/security/asa/asa72/command/reference/i3_72.html

See below a configuration guide

http://www.cisco.com/web/about/security/intelligence/unicast-rpf.html

See below an example of it's use. If you think that attacks can come from both your internal and external networks then enable it on both interfaces.

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00809763ea.shtml

Please remember to rate all posts that are helpful.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card