Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have been getting some Land Attack errors in my ASA logs recently so I captured some traffic to analyze.ASA-2-106017: Deny IP due to Land Attack from 1.1.1.1 to 1.1.1.1During a Land Attack, the capture shows an inside address trying to send traffic...
How would I go about filtering Outside access to a vpn port of a Cisco ASA < 8.2?By default, it seems the VPN does not use the acl on the outside interface.Thanks
I was able to test an ACL on a spare ASA and it did work.When there is no ACL, the land attack is logged which is correct as it can't connect to itself.When I add the ACL denying access to its nat address it is logged as a deny.access-list inside_acc...
From the original post, I just used ping to reproduce the error that I get from time to time on my asa from other user traffic.When a land attack happens I check the the captured data and see what caused it and it is because of some nat traversal tra...
I have already taken the dump and verified the traffic to be legit.Again, If I ping my nat public address I can produce a Land Attack.I just want to prevent regular traffic from sending off Land Attack errors.
Yes, all inside users currently use 1.1.1.1 as the outside natted address and all works.I am trying to limit Land Attack errors from false positives so we know when a real Land Attack occurs.I know the traffic gets dropped but if I add an ACL would t...
Thanks for the reply.However I am only trying to restrict who has access to connect to the vpn port from the internet (outside).I have created a webvpn that listens on port 443 on the outside interface so remote users can access internal resources w...