Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
454
Views
0
Helpful
2
Replies

ARP problem with PIX 515

MAHABUB ALAM
Level 1
Level 1

‎02-25-2004 05:09 PM - edited ‎02-20-2020 11:15 PM

Here is our current layout.

MSR 8540 - CAT5000 - PIX 525 - CAT2950 - HOSTS

I have replaced the PIX 525 from the picture with a PIX 515 with exactly the same config. After I have repalced the firewall, everything went fine except some internal hosts cant ping each other. All the hosts are accessible from the outside. But when I try to ping from one of the internal host to another internal host it times out. After A close look at the ARP entry of the host where I am trying to ping from, I found that it has the same MAC address for the internal interface of the PIX as the MAC address of the host that I am trying to ping. If I put a static arp entry it works. But ofcourse as soon as I reboot the host, I cant ping and it has the same entry in the ARP cache.

I tried clearing the ARP entry in the PIX 515, but still dont work.

Any suggestions?

Here is a copy of the ARP entries:

Interface: 192.168.3.9 on Interface 2

Internet Address Physical Address Type

192.168.3.1 00-50-54-ff-5e-5f dynamic

192.168.3.10 00-50-54-ff-5e-5f dynamic

192.168.3.26 00-50-54-ff-5e-5f dynamic

192.168.3.1 is the address of the internal interface of the pix.

0 Helpful
2 Replies 2

aacole
Level 5
Level 5

‎02-26-2004 05:06 AM

Try disable proxy arp on the inside interface,

[no] sysopt noproxyarp

I had a similar problem, this resolved it.

0 Helpful

MAHABUB ALAM
Level 1
Level 1
In response to aacole

‎02-26-2004 11:18 AM

Hello: thanks for your reply. That did the trick. THanks so much again.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card