Hi there
I'm facing a issue and stuck on a thought process , would appreciate if some
way you guys can show with your experience in industry -
ISSUE ----
user X spoofs IP ADDRESS OF ISP-A and sends traffic out to internet...
now when traffic is comming back via ISP-A... I want to block such traffic
which is not orignating from my ISP...
but catch here is ---- filtering is to be done in ISP ...so putiing acl for
each users and ports is not scallable.....
Please help with any way out ...
Thanks and Regards
You may use traffic blackholing in case of unused ip addresses with some
kind of statefull firewalling(despite scalability contraints) for used
ip addresses.
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
_______________________________________________
cisco-nsp mailing list cisco-nsp@puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/