Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
317
Views
0
Helpful
1
Replies

PIX failover is happening frequently

sajsoft
Level 1
Level 1

‎05-11-2005 10:38 PM - edited ‎02-21-2020 12:08 AM

My PIX failover is happening frequently.When i checked in Syslog I found the following message.

After this failover some of my IPsec tunnels are establishing .Pls help

%PIX-4-405001: Received ARP request collision from 10.0.0.1/0011.bb85.62be on interface inside

2005-05-12 10:30:46 Local7.Alert 10.0.0.4

May 11 2005 22:02:37: %PIX-1-105002: (PIX) Enabling failover.

0 Helpful
1 Reply 1

d.rein
Level 1
Level 1

‎05-12-2005 01:27 AM

Hi,

1. Error Message %PIX-4-405001: Received ARP {request | response} collision from IP_address/mac_address on interface interface_name

Explanation

The firewall received an ARP packet, and the MAC address in the packet differs from the ARP cache entry.

Recommended Action

This traffic might be legitimate, or it might indicate that an ARP poisoning attack is in progress. Check the source MAC address to determine where the packets are coming from and check to see if it belongs to a valid host.

2. Please verify the interface error counters, maybee one Interface is exhausted an not able to receive the failover hello messages.

http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps2030/products_field_notice09186a00800949ca.shtml

Please verify this with show blocks ------------------

SIZE MAX LOW CNT

4 1600 1521 1600

80 400 358 399

256 1012 723 1012

1550 2341 0 1568

If you see the zero than you have following problems.

1. too much traffic

2. faulty hardware

Regards,

Dirk

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card