Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Lijo_mathai
Contributor

Traffic drop due to antispoofing- R80.10

Hi, due to some reason the traffic to one of my remote site is being dropped by checkpoint gateway which is R80.10. Checking the logs shows traffic dropped due to anti spoofing. Checking the interface  config i can see the destination traffic IP is no where in the interface config on the gateways. What is causing this?

Also when i try to ping that IP from my internal host i get a TTL expired response from the checkpoint interface. Is this a known issue or am i missing anything

0 Kudos
2 Replies
Danny
Champion Champion
Champion

0 Kudos
Claudiu3
Participant

  I got a similar issue, it was a routing issue. I had a routing loop. On checkpoint, the return route to your my source ip is not on the same interface the packets arrived. I say, either get rid of the routing loop or use the anti spoofing exception list on the interface.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events