In an effort to protect my network from IP Spoofing, I was thinking about applying the "ip verify-reverse path" command to my inside and outside interfaces.
Just curious as to if anyone uses this command or has any other suggestions.
Absolutely you should implement this feature. I also suggest that you implement RFC 1918 filtering... blocking the 10 net, 192.168.x.x, and 172.16 - 172.31.x.x addresses from coming into your network from the internet... these addresses should never traverse the internet... they are common sources of spoofed addresses in denial of service attacks.
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:
