Hey All!
Does anyone know if changing the IP source address spoofing protection mode from Log to Block will cause a disruption of network services during the change?
Thanks,
Mick~
It wont cause any disruption.
If something was doing it at the moment return traffic could not get routed to it, and it would already be broken.
Hello all. Does anyone know 1)whether the logs are definitive on spoofing taking place, and 2)whether devices would be blocked if this option is enabled?
I hesitate to enable as I reviewed our logs which show laptops on our (flat) network are being flagged. However, these are company laptops that are on the corp wifi, which have obtained the correct DHCP.
I already read the article for Meraki MXs Anti-spoofing. We have the MX appliance and just Dell switch, no VLANs.
Thanks.
Examples:
Time(PST) | Client | Event type | ||
12/13/2022 10:11 | laptop1 | Source IP and/or VLAN mismatch | ||
12/13/2022 10:11 | laptop2 | Source IP and/or VLAN mismatch | ||