Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
334
Views
0
Helpful
1
Replies

Deny UDP Reverse Path

akusuma1
Level 1
Level 1

‎06-02-2006 03:04 AM - edited ‎03-09-2019 03:07 PM

Dear expert,

When we turn on the syslog, we see a lot of messages as "%PIX-1-106021: Deny UDP reverse path check from 192.168.0.208 to 10.17.18.150 on interface inside". Is there any explanation for this ?

Labels:
0 Helpful
1 Reply 1

m.sir
Level 7
Level 7

‎06-02-2006 03:40 AM

Reverse path check is used when is packet comes from network behind interface and this network is not in firewalls routing table...its antispoofing feature... What is 192.168.0.0 range in your network???? If you dont have such network it could be some machine in your "legal" network with 2 networks card and second is addressed with 192.168.0.208 (and routing is not properly configured) - its could be explanation how 192.168. network could appear on your firewall

M.

Hope that helps, rate if it does

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents