ARP issue with Cisco 5505

networker99 · ‎03-24-2012

Hi there,

We have an issue with our current ASA 5505 set up and I hope someone can help. Here is the setup

ISP Handoff -> L2 Switch -> VLAN 1 of ASA

-> VLAN 2 of ASA

The ISP handoff is a single ethernet cable but the ISP router is acting as the gateway for 2x seperate public address spaces. ISP cable plugs into a L2 switch. The two VLANS of the ASA are then plugged into the same switch, one VLAN configured for public space 1 and the other for public space 2, now the issue is when the firewall ARPs for the gateways VLAN2's gateway shows up on VLAN 1 and VLAN 2 which obviously causes issues.

Richard Burts · ‎03-24-2012

From your description of the symptoms I would guess that the layer 2 switch has both ASA ports in the same VLAN (which leads me to wonder if the layer 2 switch is doing any VLANs or are all ports in the native VLAN?). Can you provide details of how the layer 2 switch is configured?

It also would help to know how the ISP is set up. You tell us that it is an Ethernet handoff. But you do not tell us whether the ISP is handling that as a trunk with multiple VLANs or whether the ISP is treating it as an access port with a single VLAN. Can you clarify this?

Knowing how the ISP is set up and how the layer 2 switch is configured will be critical in finding a solution that works for your ASA.

HTH

Rick

HTH

Rick