ā05-24-2022 06:38 AM - edited ā05-26-2022 12:13 AM
Hello,
I would like to send logs from ASA firewall towards syslog server but when I configured it on highly loaded interface I got below logs:
2 May 24 2022 16:31:18 106016 Deny IP spoof from (10.X.X.X) to 10.X.X.X on interface xxxxx
From - is IP assigned to this interface
To - is syslog server IP
IP spoofing is disabled.
Everything works fine for the other interface where there is much less traffic.
Thank you in advance for any solutions.
ā05-24-2022 06:43 AM - edited ā05-24-2022 06:54 AM
Determine if the IP address belongs to an external user trying to compromise the protected network. Check for misconfigured clients.
Other solution which is unsecured is
disable IP spoof in interface.
ā05-26-2022 12:13 AM
Yes, I saw this information about syslog log but what exaclty should I do? Which commands or settings are helpful there?
ā05-26-2022 06:06 PM
NO ip verify reverse-path interface xxxx
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide