Event ID - ASA-2-106016

Message CodeASA-2-106016
SeverityCritical
DescriptionDeny IP spoof from (IP_address) to IP_address on interface interface_name.
ExplanationThis message is generated when a packet arrives at the security appliance interface that has a destination IP address of 0.0.0.0 and a destination MAC address of the security appliance interface. In addition, this message is generated when the security appliance discarded a packet with an invalid source address, which may include one of the following or some other invalid address:
  1. Loopback network (127.0.0.0)
  2. Broadcast (limited, net-directed, subnet-directed, and all-subnets-directed).
  3. The destination host (land.c)

To further enhance spoof packet detection, use the icmp command to configure the security appliance to discard packets with source addresses belonging to the internal network, because the access-list command has been deprecated and is no longer guaranteed to work correctly.
User ActionDetermine if an external user is trying to compromise the protected network.Check for misconfigured clients.
Reference Links

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.
 Refresh