Hi Vibhor,Unfortunately I am

mattgreaves · ‎10-10-2014

Hi,

Hope someone can help me. We are seeing the following on our logs on the ASA and don't understand why some traffic is blocked due to RPF but then other traffic is permitted:

1 Oct 10 2014 11:01:19 106021 192.168.0.223 10.10.10.54 Deny UDP reverse path check from 192.168.0.223 to 10.10.10.54 on interface INSIDE

1 Oct 10 2014 11:00:19 106021 192.168.0.223 10.10.10.54 Deny UDP reverse path check from 192.168.0.223 to 10.10.10.54 on interface INSIDE

6 Oct 10 2014 11:00:12 302021 192.168.0.223 63510 10.10.10.54 0 Teardown ICMP connection for faddr 192.168.0.223/63510 gaddr 10.10.10.54/0 laddr 10.10.10.54/0

6 Oct 10 2014 11:00:03 302020 192.168.0.223 63510 10.10.10.54 0 Built inbound ICMP connection for faddr 192.168.0.223/63510 gaddr 10.10.10.54/0 laddr 10.10.10.54/0

1 Oct 10 2014 10:59:19 106021 192.168.0.223 10.10.10.54 Deny UDP reverse path check from 192.168.0.223 to 10.10.10.54 on interface INSIDE

Routes all exist in the right places or the permitted flows would fail.

Any help would be greatly appreciated.

Cheers,

Matt

Vibhor Amrodia · ‎10-10-2014

Hi,

Can you share the configuration ?

Thanks and Regards,

Vibhor Amrodia

mattgreaves · ‎10-10-2014

Hi Vibhor,

Unfortunately I am unable to share the config from the devices due to their nature. If you could point me in a direction to investigate that would be appreciated.

Thanks and sorry,

Matt

Deny UDP reverse path check block but other traffic permitted.