Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1047
Views
0
Helpful
6
Replies

Clearing ARP on firewall restores connection

Suresh Varghese
Level 1
Level 1

‎04-19-2018 04:57 AM - edited ‎02-21-2020 07:39 AM

Hello

 

I currently have an ASA5505 running Version 9.1(6)

The outside interface of the firewall is connected to ADSL router which in turn is connected to the internet

Every now and then...the connection drops and i am not able to ping the ADSL modem IP which is the gateway (default route) on the ASA

When i do a clear ARP on the ASA...it starts working

I assume that this is not the ASA acting up but is an issue with the next hop device but how can i resolve this.

 

I would appreciate if anyone can shed some light in helping me sort this matter out.

 

many thanks in advance.

Sureshv

 

Labels:
0 Helpful
6 Replies 6

Florin Barhala
Level 6
Level 6

‎04-19-2018 05:53 AM

Let's tshoot this together.
First of all we have to find out the ARP entry that's causing trouble.

Can you post:
show run route
show nameif
show arp | i outside
0 Helpful

Suresh Varghese
Level 1
Level 1
In response to Florin Barhala

‎04-21-2018 09:37 PM

Hello Florin,

Sorry for the delayed response, please find attached the output that you had requested for

regards

 

Preview file
1 KB
0 Helpful

Florin Barhala
Level 6
Level 6
In response to Suresh Varghese

‎04-23-2018 01:20 AM

What I am interested in as next step: next time you have this issue does the ARP entry looks the same as before :

 

outside 192.168.253.1 58ef.6809.a192 18

 

and of course after you clear ARP do you get same mac address?

0 Helpful

Marius Gunnerud
VIP
VIP

‎04-19-2018 01:48 PM

How often does this issue happen?

There is a bug related to proxy-arp that can cause this type of behavior.  Have a look

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuy28710/?rfs=iqvred

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

Suresh Varghese
Level 1
Level 1
In response to Marius Gunnerud

‎04-21-2018 09:40 PM

Hi Marius

The issue happens randomly....like whenever it feels like, no specific time of period.

As for the bug, we suspected the same and upgraded the firmware from version 8 to 9.1.6

Based on the table provided in the link by you, does it mean i have to upgrade to a more higher version.

 

regards

 

0 Helpful

Marius Gunnerud
VIP
VIP
In response to Suresh Varghese

‎04-22-2018 11:18 PM

You could also set up a capture on the ASA inside and outside interfaces when this is happening to see if traffic is actually being sent out the outside interface.  Also, before clearing the ARP table, check to make sure that the MAC to IP address mappings are correct for the default route.

--
Please remember to select a correct answer and rate helpful posts
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card