https://community.cisco.com/t5/network-security/ftd-1120/m-p/4717843#M1094850 <P>Hey! Currently working on FTD 1120 which is managed by FDM, and my query is.</P> <P>FDM-6.6.1-91 VDB-336.0</P> <P>- Configured Two ISP links on FDM with sla monitor.</P> <P>-Basic configuration one access-list for Lan users to access internet and Nat policy which is in auto nat with dynamic.</P> <P>-everything is working fine for certain time and after that lan users are not able to access internet after checking logs observed that ARP cache is getting filled. when i clear arp table manually then again started working. Please explain for this type of behaviour.&nbsp;</P> <P>Note: LAN user is directly connected to FW, no n/w devices are their b/w firewall and Lan.</P> Tue, 08 Nov 2022 11:44:41 GMT Mani G 2022-11-08T11:44:41Z https://community.cisco.com/t5/network-security/ftd-1120/m-p/4717843#M1094850 <P>Hey! Currently working on FTD 1120 which is managed by FDM, and my query is.</P> <P>FDM-6.6.1-91 VDB-336.0</P> <P>- Configured Two ISP links on FDM with sla monitor.</P> <P>-Basic configuration one access-list for Lan users to access internet and Nat policy which is in auto nat with dynamic.</P> <P>-everything is working fine for certain time and after that lan users are not able to access internet after checking logs observed that ARP cache is getting filled. when i clear arp table manually then again started working. Please explain for this type of behaviour.&nbsp;</P> <P>Note: LAN user is directly connected to FW, no n/w devices are their b/w firewall and Lan.</P> Tue, 08 Nov 2022 11:44:41 GMT https://community.cisco.com/t5/network-security/ftd-1120/m-p/4717843#M1094850 Mani G 2022-11-08T11:44:41Z https://community.cisco.com/t5/network-security/ftd-1120/m-p/4732752#M1095656 <P>When you look at the arp cache, do you see a bunch of the same MAC addresses? I've seen this in the past, where a device was proxy arping for everything. If this is the case, track down what is doing the proxy arp.</P> Mon, 05 Dec 2022 17:47:58 GMT https://community.cisco.com/t5/network-security/ftd-1120/m-p/4732752#M1095656 ABaker94985 2022-12-05T17:47:58Z https://community.cisco.com/t5/network-security/ftd-1120/m-p/4732772#M1095657 <P>you use nat without add keyword no proxy arp<BR />add this keyword and everything will be fine.&nbsp;<BR /><A href="https://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/116154-qanda-ASA-00.html" target="_blank">https://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/116154-qanda-ASA-00.html</A></P><P>&nbsp;</P> Mon, 05 Dec 2022 19:04:33 GMT https://community.cisco.com/t5/network-security/ftd-1120/m-p/4732772#M1095657 MHM Cisco World 2022-12-05T19:04:33Z https://community.cisco.com/t5/network-security/ftd-1120/m-p/4732802#M1095660 <P>Hi Mani,<BR />I would say verify the interface status and then check ARP status.<BR />Also clear arp entry and take captures to verify if there is any MAC in particualr thats causing the issue.<BR /><BR />As a temporary solution you can configure static ARP.<BR /><BR />There could be many reasons that could cause this issue. - incorrect config issue, proxy arp config issue, &nbsp;ARP cahce timeout value etc.<BR /><BR />Try to take captures, and see the behaviour. If the issue still persists maybe try to take help from TAC and trouleshoot further.</P> <P>&nbsp;</P> <P><BR />&nbsp;</P> <P><SPAN style="background-color:rgb(255,255,255);color:rgb(24,24,24);font-size:14px;">-----------------------------------------</SPAN><BR /><SPAN style="background-color:rgb(255,255,255);color:rgb(24,24,24);font-size:14px;">If you find my reply solved your question or issue, kindly click the 'Accept as Solution' button and vote it as helpful.</SPAN><BR /><BR /><SPAN style="background-color:rgb(255,255,255);color:rgb(24,24,24);font-size:14px;">You can also learn more about Secure Firewall (formerly known as NGFW) through our live Ask the Experts (ATXs) session. Check out Cisco Network Security ATXs Resources [</SPAN><A href="https://community.cisco.com/t5/security-knowledge-base/cisco-network-security-ask-the-experts-resources/ta-p/4416493" target="_blank">https://community.cisco.com/t5/security-knowledge-base/cisco-network-security-ask-the-experts-resources/ta-p/4416493</A><SPAN style="background-color:rgb(255,255,255);color:rgb(24,24,24);font-size:14px;">] to view the latest schedule for upcoming sessions, as well as the useful references, e.g. online guides, FAQs.</SPAN><BR /><SPAN style="background-color:rgb(255,255,255);color:rgb(24,24,24);font-size:14px;">-----------------------------------------</SPAN><BR /><BR />Reagrds<BR />Divya Jain</P> Mon, 05 Dec 2022 20:04:40 GMT https://community.cisco.com/t5/network-security/ftd-1120/m-p/4732802#M1095660 Divya Jain 2022-12-05T20:04:40Z