Firewall Denies Source IPs That Are Not on My Network

errMsg
Level 1

I have been looking at the logs on my firewall and have noticed that the source IP is not always an address on my LAN. How is it that source IPs are not on my LAN?


balaji.bandi
Hall of Fame

It depends on which interface you are looking at. If you are looking at the outside, the source address can be anything.

To give more clarity, can you show us your error log so we can understand better, rather than assuming?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Here is a screenshot of the logs I'm seeing... I blacked out my external IP.

That is normal, and it proves your FW is working, dropping unnecessary traffic on the outside interface. (Correct me if I am wrong: the blacked-out IP was the public IP configured on the outside interface?)

BB


Yes, that is my WAN interface. Is there a way to stop my router from routing other people's traffic, or is that just the nature of the router? I noticed that some IPs have a high risk rating when I look them up. 👀

As long as you are allowing the right traffic and the right NAT translation, inside to outside and outside to inside, the rest will be blocked. But we are not sure about your setup and configuration; I have provided input based on the screenshot.

If you need a more granular look, you need to provide the correct information about the IPs and your configuration for validation.

BB


This is not uncommon when there are misconfigurations in the network. It could be a wrong IP-config on a PC or a wrong NAT inside the network. Or even a user willingly spoofing other addresses.
