ScreenOS Firewalls (NOT SRX)
ScreenOS Firewalls (NOT SRX)

IP spoofing since I installed new ISP on DMZ interface.

11.15.09   |  
‎11-15-2009 09:18 PM

I configured our NS5GT for new ISP on the DMZ interface. DMZ interface is in route mode and ADSL modem is setup in bridge mode. I have got policies to allow traffice from

 

Trust to DMZ and vice versa

Untrust to DMZ and vice versa

 

Since I configured it I have been receiving lots of IP spoofing alerts and they are different IP to different ports on our Public IP.

I have tried to turn on screening for DMZ zone and most of the features are enabled. It is still causing issue.

 

Can someone please me with that?

 

Regards

IT Support

4 REPLIES
ScreenOS Firewalls (NOT SRX)

Re: IP spoofing since I installed new ISP on DMZ interface.

11.15.09   |  
‎11-15-2009 10:08 PM

Disable ip spoofing on DMZ zone via "unset zone untrust screen ip-spoofing"

If you still have the messages provide the exact event entry and "get zone DMZ screen"

Highlighted
ScreenOS Firewalls (NOT SRX)

Re: IP spoofing since I installed new ISP on DMZ interface.

11.16.09   |  
‎11-16-2009 07:05 PM

Hi Cesar,

 

Is disabling IP spoofing is the only solution?

 

I dont want to disable IP spoofing protection at all.

 

Please suggest.

 

Cheers !

ScreenOS Firewalls (NOT SRX)
Solution
Accepted by topic author ITSupport
‎08-26-2015 01:27 AM

Re: IP spoofing since I installed new ISP on DMZ interface.

11.16.09   |  
‎11-16-2009 11:02 PM

Hi,

 

Please follow the KB , which explain about Ip spoofing and how to diagnose the IP  spoofing:

http://kb.juniper.net/KB6185

 

Thanks

Atif

ScreenOS Firewalls (NOT SRX)

Re: IP spoofing since I installed new ISP on DMZ interface.

11.17.09   |  
‎11-17-2009 06:46 PM

Thanks Atif...

 

I had a look at it. It is not much useful but helped me understanding my issue.

 

Cheers !