[melipla]

Hi,

With your VRRP cluster object, do you have this option:
<object> -> Properties -> Topology -> Enable extended cluster anti-spoofing?

Which interface is reporting the antispoofing message? Even though you have it defined on the correct interface, for some complicated routing scenarios you may still see anti-spoofing messages for that network on other interfaces. If that happens with a secondary external interface, you may need to add a second group of IPs you don't check AntiSpoofing on.

Lastly, I believe there are some NAT settings that affect which IP anti-spoofing sees. If you are using NAT on this network this may be a cause. Check out Policy -> Global Properties -> NAT -> "Translate destination on client side". I haven't verified if this is related however.

Also R60 HFA 05 has some anti-spoofing updates, however I do not know if that applies to your environment.

HTH