It is currently Wed Jun 26, 2019 8:43 am


All times are UTC




Post new topic Reply to topic  [ 2 posts ] 
Author Message
 Post subject: Deny ip spoof on asa
PostPosted: Mon Jan 28, 2013 7:51 pm 
Offline

Joined: Mon Jan 28, 2013 7:44 pm
Posts: 2
Hi I'm not sure if this is the correct form but here it goes.
I am emulating an asa firewall. and have everything working from the inside out

When I try to go to a web site on the inside of my asa i am getting the following error deny ip spoof from (40.40.40.10 to out.dmzww on interface outside.

my asa is connected to a router that is then connected to a cloud that is attached to a loopback on interface my pc that has an ip of 40.40.40.10 pings work.

any ideas why I am getting this do I need to use strickly non public ip addresses for everything? (ie 10.,172.,192.168.)




Top
 Profile  
 
 Post subject: Re: Deny ip spoof on asa
PostPosted: Tue Jan 29, 2013 6:32 pm 
Offline

Joined: Mon Jan 28, 2013 7:44 pm
Posts: 2
ok I figured this one out. Basically an id10t problem (me)

I had a dmz setup on the asa E/2 interface with ip address 172.17.0.1 and a router attached to the interface with ip address 172.17.0.2 and ip http server enabled.

tried to go to the public natted ip address of the router from an outside host which should have brought up the routers internal web page.

however in the asa config i had the routers static nat and access rules pointing to 172.17.0.1 the asa interface instead of 172.17.0.2 the routers interface




Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC


Who is online

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB® Forum Software © phpBB Group

phpBB SEO