Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
887
Views
0
Helpful
2
Replies

ASA ARP issue??

opers13
Level 1
Level 1

‎06-22-2009 10:08 AM - edited ‎03-11-2019 08:46 AM

ASA's MAC address of the inside interface is populated in the CAM table of the switch it's connected to causing connectivity issues for devices in VLAN252.

ASA inside interface:

8: Ext: GigabitEthernet1/1 : address is 001f.6c3d.e287, irq 255

Switch CAM table:

Internet 10.153.252.111 9 001f.6c3d.e287 ARPA Vlan252

Internet 10.153.252.110 214 001f.6c3d.e287 ARPA Vlan252

Internet 10.153.252.109 214 001f.6c3d.e287 ARPA Vlan252

Internet 10.153.252.108 214 001f.6c3d.e287 ARPA Vlan252

Internet 10.153.252.107 82 001f.6c3d.e287 ARPA Vlan252

Internet 10.153.252.106 82 001f.6c3d.e287 ARPA Vlan252

Internet 10.153.252.105 82 001f.6c3d.e287 ARPA Vlan252

Internet 10.153.252.104 82 001f.6c3d.e287 ARPA Vlan252

Internet 10.153.252.103 82 001f.6c3d.e287 ARPA Vlan252

Labels:
0 Helpful
2 Replies 2

mike-greene
Level 4
Level 4

‎06-22-2009 12:01 PM

Hi,

I'm not sure if my issue I saw is the same as yours but I installed an ASA running 8.0.4 and ran into alot of packet loss on our DMZ. Turned out, the ASA was responding to ARP requests for hosts on the local LAN causing major packet loss my DMZ subnet. I seem to remember the systems affected were all VM's EXS hosts. I had to disable proxy arp on our DMZ ASA interface with "sysopt noproxyarp dmz" to stop the madness.

HTH

0 Helpful

plumbis
Level 7
Level 7

‎06-25-2009 07:26 PM

Do you have static nat statements? The ASA will proxy-arp for anything configured in a static nat.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card