https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-spoofing-detections-in-broadcast-domain/m-p/78527#M11570 Address 10.150.2.9 (packets from whose are detected by anti-spoofing module) was in network that was in topology on one of the internal interfaces. Tue, 17 Mar 2020 11:07:42 GMT Mikhail_Demin 2020-03-17T11:07:42Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-spoofing-detections-in-broadcast-domain/m-p/78189#M11566 <P>On the gateway one of the external interfaces have activated anti-spoofing in detect mode. In tracker i see detections of anti-spoofing but source and destination (gateway external interface) IP-addresses are in the same network (because gateway is satellite in the VPN-community and have a L2 VPN-connection with central office). Why anti-spoofing works in this case? On the attached screenshot external interface with activated anti-spoofing is 10.150.2.6 and network between this gateway and central gateway is 10.150.2.0/28.</P> Fri, 13 Mar 2020 09:18:06 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-spoofing-detections-in-broadcast-domain/m-p/78189#M11566 Mikhail_Demin 2020-03-13T09:18:06Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-spoofing-detections-in-broadcast-domain/m-p/78195#M11567 <P>what is the IP address on eth3?</P> Fri, 13 Mar 2020 10:57:42 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-spoofing-detections-in-broadcast-domain/m-p/78195#M11567 _Val_ 2020-03-13T10:57:42Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-spoofing-detections-in-broadcast-domain/m-p/78519#M11568 10.150.2.6, but i already resolve this issue. Thanks! Tue, 17 Mar 2020 08:11:35 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-spoofing-detections-in-broadcast-domain/m-p/78519#M11568 Mikhail_Demin 2020-03-17T08:11:35Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-spoofing-detections-in-broadcast-domain/m-p/78520#M11569 <P>What was the resolution? In might help other community members in the future, so please share</P> Tue, 17 Mar 2020 08:32:45 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-spoofing-detections-in-broadcast-domain/m-p/78520#M11569 _Val_ 2020-03-17T08:32:45Z https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-spoofing-detections-in-broadcast-domain/m-p/78527#M11570 Address 10.150.2.9 (packets from whose are detected by anti-spoofing module) was in network that was in topology on one of the internal interfaces. Tue, 17 Mar 2020 11:07:42 GMT https://community.checkpoint.com/t5/Firewall-and-Security-Management/IP-spoofing-detections-in-broadcast-domain/m-p/78527#M11570 Mikhail_Demin 2020-03-17T11:07:42Z