PIX Ip Blocking ????

thawk10 · Nov 1, 2003

I am a newbie. I have a Cisco 515 PIX. I need to block an outside ip that is spoofing itself to become one of my internal ip address in order to try to use our email servers as an open relay.

Is it possible to block one of my internal ip address's that is coming in from the outside without causing problems?? If so, how do I go about this.

danr19 · Nov 1, 2003

Hi,

PIX has an anti-spoofing feature, try those commands:

ip verify reverse-path interface outside
ip verify reverse-path interface inside

Best regards,

danr19

thawk10 · Nov 1, 2003

danr19,

Thanks so much. I have already applied the change.

speedingwolf · Nov 5, 2003

Hi,

I can accross your post and notice tried the commands that Dan recommended. My CPU jumped from 6% to 23%. I'm not sure if that would cause packets drops.

danr19 · Nov 8, 2003

Hi,

You can monitor the traffic with PDM (version 3.01 is pretty good) and you can get the latest events.
PDM has many graphic monitors that could help you.
Besides, you should capture logs to a syslog server and then analyze them.

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

PIX Ip Blocking ????

thawk10

IS-IT--Management

danr19

Technical User

thawk10

IS-IT--Management

speedingwolf

IS-IT--Management

danr19

Technical User

Similar threads

Part and Inventory Search

Sponsor