09-11-2012 02:10 PM - edited 03-11-2019 04:52 PM
I currently have the timeout set to 14400. I have been draging this along in my config for a long time.
"arp timeout 14400"
My question is what is the recommendation for the timeout? 4 hours seems like a long time.
Solved! Go to Solution.
09-11-2012 03:19 PM
Hello,
It means it's on for all the interfaces,
Try to turn it off on the DZM and see what happens:
sysopt noproxyarp dmz
Regards,
Remember to rate all of the answers,
09-11-2012 02:22 PM
Hi,
By default, arp timeout value on ASA is 14400, which is global. Do you have any reasons for changing this value?
You may refer to the following document to know more about proxya rp and gratutious arp
Regards
Gurpreet
09-11-2012 02:36 PM
I am having an issue with with only the redhat/fedora systems on the DMZ segment of this ASA 5510.
Every time one of these systems reboots the system complains that its IP address is already in use and refuses to start networking. The IP address is NOT in use by any other systems on that subnet.
I am thinking this has something to do with proxy arp or the arp table on the ASA but I really do not know.
09-11-2012 02:38 PM
Hello,
Are there any Nats related to his RedHat system???
Also check the show run all sysopt and verify that proxy-arp is enabled for the DMZ?
Let me know what you get..
Remember to rate all of the answers, that is why we are here...
09-11-2012 02:52 PM
show run all sysopt
---
no sysopt noproxyarp inside
no sysopt noproxyarp dmz
no sysopt noproxyarp outside
no sysopt noproxyarp management
Does this mean it is on for all interfaces(or off)?
09-11-2012 03:19 PM
Hello,
It means it's on for all the interfaces,
Try to turn it off on the DZM and see what happens:
sysopt noproxyarp dmz
Regards,
Remember to rate all of the answers,
09-13-2012 02:48 PM
Thank You.
That did reslove the issue.
My next question is I thought proxy arp was off by default? This is running an 8.2.x build(I know I need to upgrade).
I can not seem find anywhere in my config where I am enabling it? Any ideas?
09-13-2012 02:56 PM
Hello,
It is enabled by default!
sh run all sysopt .. There is where you see is enabled by default
no sysopt noproxyarp inside
no sysopt noproxyarp dmz
no sysopt noproxyarp outside
no sysopt noproxyarp management
Regards,
Remember to rate all of the helpul hosts,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide