09-09-2011 11:26 AM - edited 03-11-2019 02:22 PM
We are dealing with an ISP for a remote office that will assign us multiple ip addresses but requires a unique mac address for each ip address. In the ASA, I see an arp outside alias command. Is that something I can use for this purpose or is there another way to handle it ?
Ron
09-09-2011 11:35 AM
What is the end goal? You want the ASA to accept traffic for all these IP addresses? If that is the case then the ASA will proxy arp for the translations configured and it has to be one unique mac and not multiple MACs.
That arp alias command is to accomplish the same thing that proxy arp does.
http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/a2.html#wp1626420
-KS
09-09-2011 11:44 AM
The problem I am working around is that the ISP requires a unique mac address for each IP address they will be
assigning to us. That is why I am looking at the ARP alias command. The ISP wont give us the mac addresses so that
we can assign them statically but will be doing dhcp reservations.
Ron
09-09-2011 11:58 AM
I am not sure what to suggest. There is no way the ASA will accept packets that is destined to some other MAC it doesn't own.
Tell the ISP they can assign one IP for the ASA's outside interface MAC and route traffic to the rest of the IPs to the same destination mac.
Unless you are looking for these additional IPs for other devices on the outside of the ASA in which case you can hand them those device MACs.
-KS
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: