Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We are receiving thousands of "Deny inbound UDP from x.x.x.x/53 to x.x.x.x/2713 due to DNS Response" per minute on our ASA 5510. All of the responses are destined to a signal one of our external IP's. This is overloading the our ASA and preventing tr...
The Cisco TAC - Engineer we spoke to recommended we allow any any udp port 53 inbound to correct the problem. I don't see how allowing udp port 53 traffic into our network would solve the problem but it with stop the deny messages. Does this sound li...
The Cisco TAC - Engineer we spoke to recommended we allow any any udp port 53 inbound to correct the problem. I don't see how allowing udp port 53 traffic into our network would solve the problem but it with stop the deny messages. Does this sound li...
Thanks for the reply. I figured it was some type of reflective DNS attack but I just wasn't sure if anything could be be done on the ASA to stop it. It appears like there isn't. I've contacted my isp but they don't seem to be in any hurry to call me ...
We are receiving thousands of these same "Deny inbound UDP from x.x.x.x/53 to x.x.x.x/2713 due to DNS Response" per minute on our ASA 5510. This is overloading the ASA and preventing traffic getting thru to the Internet during these attacks. Any sugg...
