https://community.cisco.com/t5/network-security/received-arp-response-collision-from/m-p/1348159#M743228 <HTML><HEAD></HEAD><BODY><P>KS,</P><P></P><P>1. It's not actually a host. It is an SVI on an access switch. My capture however, doesn't show return traffic</P><P>2. another problem has cropped up...i can no longer see the traffic making it through the firewall...I'll have to figure that out before I can move forward ...</P><P></P><P></P><P>Bruce Summers</P><P>DHS OCIO</P><P>Network Engineering</P><P>bruce.summers@associates.dhs.gov</P><P>bb: 202-503-7628</P><P>desk: 228-813-4838</P></BODY></HTML> Sun, 21 Feb 2010 23:46:20 GMT Bruce Summers 2010-02-21T23:46:20Z https://community.cisco.com/t5/network-security/received-arp-response-collision-from/m-p/1348155#M743176 <P>I'm trying to work out this issue...</P><P></P><P>source, switchA =&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 192.168.0.4</P><P>FW1&nbsp;&nbsp;&nbsp;&nbsp; =&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 192.168.0.1</P><P>FW1_Transit =&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 192.168.4.1</P><P>FW2_Transit =&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 192.168.4.7</P><P>FW1_VLAN =&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 192.168.12.0 /25</P><P>destination, SwitchB = 192.168.12.10</P><P></P><P>I setup a capture to watch the traffic and see it all the way onto the destination VLAN (192.168.12.0/25).</P><P></P><P>However, I dont see the traffic coming back&nbsp; on this VLAN Interface.</P><P></P><P>I setup a policy NAT as follows:</P><P></P><P>access-list PNAT-3612 extended permit ip any 192.168.12.0 255.255.255.128<BR />global (TD_3Tier_HQ_App_NLB) 1 interface<BR />nat (TD_3Tier_Web_2_App) 1 access-list PNAT-3612 outside</P><P></P><P>which appears to cause the traffic to come back on that interface, BUT, I dont see it hit the ACL, and the log output shows the following error:</P><P></P><P>Received ARP response collision from 192.168.12.10/8843.e17f.9041 on interface TD_3Tier_HQ_App_NLB (this being the name of the vlan interface)</P><P></P><P>Is this implying a duplicate IP somewhere?</P><P></P><P>thanks in advance.</P><P></P><P>Bruce</P> Mon, 11 Mar 2019 17:12:56 GMT https://community.cisco.com/t5/network-security/received-arp-response-collision-from/m-p/1348155#M743176 Bruce Summers 2019-03-11T17:12:56Z https://community.cisco.com/t5/network-security/received-arp-response-collision-from/m-p/1348156#M743188 <HTML><HEAD></HEAD><BODY><P>ooops....Sorry folks...</P><P></P><P>As I typed all that out, it got me to thinking...possibly I do have a duplicate...checked another switch, and there it was...duplicate IP...</P><P></P><P></P><P>bruce</P></BODY></HTML> Sun, 21 Feb 2010 19:59:38 GMT https://community.cisco.com/t5/network-security/received-arp-response-collision-from/m-p/1348156#M743188 Bruce Summers 2010-02-21T19:59:38Z https://community.cisco.com/t5/network-security/received-arp-response-collision-from/m-p/1348157#M743193 <HTML><HEAD></HEAD><BODY><P>well,</P><P></P><P>that got rid of the duplicate ip and error, but i'm still not seeing the traffic hitting that return interface...</P><P></P><P>thought the P NAT would take care of that...</P><P></P><P>bruce</P></BODY></HTML> Sun, 21 Feb 2010 20:01:53 GMT https://community.cisco.com/t5/network-security/received-arp-response-collision-from/m-p/1348157#M743193 Bruce Summers 2010-02-21T20:01:53Z https://community.cisco.com/t5/network-security/received-arp-response-collision-from/m-p/1348158#M743212 <HTML><HEAD></HEAD><BODY><P>Bruce,</P><P>If the response traffic isn't coming back you need to check the following.</P><P>1. capture on the desination host and make sure it is responding and make sure it is sending the response to the correct mac address.</P><P>2. Make sure the destination host has a route to get back to the source host network. If you need to check it's default gateway you need to do make sure that GW has a route back to the source network.</P><P></P><P>-KS</P></BODY></HTML> Sun, 21 Feb 2010 21:43:21 GMT https://community.cisco.com/t5/network-security/received-arp-response-collision-from/m-p/1348158#M743212 Kureli Sankar 2010-02-21T21:43:21Z https://community.cisco.com/t5/network-security/received-arp-response-collision-from/m-p/1348159#M743228 <HTML><HEAD></HEAD><BODY><P>KS,</P><P></P><P>1. It's not actually a host. It is an SVI on an access switch. My capture however, doesn't show return traffic</P><P>2. another problem has cropped up...i can no longer see the traffic making it through the firewall...I'll have to figure that out before I can move forward ...</P><P></P><P></P><P>Bruce Summers</P><P>DHS OCIO</P><P>Network Engineering</P><P>bruce.summers@associates.dhs.gov</P><P>bb: 202-503-7628</P><P>desk: 228-813-4838</P></BODY></HTML> Sun, 21 Feb 2010 23:46:20 GMT https://community.cisco.com/t5/network-security/received-arp-response-collision-from/m-p/1348159#M743228 Bruce Summers 2010-02-21T23:46:20Z