Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
10433
Views
0
Helpful
1
Replies

Unicast Reverse Path Forwarding Cisco ASA

Go to solution
ksarin123_2
Level 1
Level 1

‎02-25-2011 01:39 PM - edited ‎03-11-2019 12:57 PM

I have disabled Unicast RPF on a Cisco ASA 5510 for one specific interface. However, how do I verify that RPF indeed has been disabled on that particular interface? It doesn't show up in the config, neither does it up when I issue the command "sh int interface'.

To disable the RPF feature, I issued the following command:

no ip verify reverse-path interface interface_name

Thanks!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎02-25-2011 03:36 PM

Unicast RPF is disabled by default on the ASA unless you explicitly enable it on an interface.

Since it is disabled by default on all interfaces, you will not see them in the configuration. Once you enable RPF for a specific interface, you will see that enabled in the configuration.

For example:

If you have 3 interfaces: inside, dmz and outside, and you enable it for inside only, then when you perform "sh run ip verify reverse-path", you will see the following:

ip verify reverse-path interface inside

OR/ you will see that in the running configuration as well. The other 2 interfaces that you haven't explicitly enabled will still be disabled by default, and will not show under the configuration.

Hope that answers your question.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎02-25-2011 03:36 PM

Unicast RPF is disabled by default on the ASA unless you explicitly enable it on an interface.

Since it is disabled by default on all interfaces, you will not see them in the configuration. Once you enable RPF for a specific interface, you will see that enabled in the configuration.

For example:

If you have 3 interfaces: inside, dmz and outside, and you enable it for inside only, then when you perform "sh run ip verify reverse-path", you will see the following:

ip verify reverse-path interface inside

OR/ you will see that in the running configuration as well. The other 2 interfaces that you haven't explicitly enabled will still be disabled by default, and will not show under the configuration.

Hope that answers your question.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card