Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
298
Views
0
Helpful
3
Replies

Proxy ARP behaviour for following command

ajaymehra011
Level 1
Level 1

‎06-04-2015 12:06 AM - edited ‎03-11-2019 11:02 PM

Hi Experts,

 

This is my 1st post. Apologise if this is a basic question according to your standards.

I am trying to figure out the proxy arp behaviour of following command. Hope someone can help.

nat (Outside,DMZ) after-auto source static any any destination static 20.1.1.1 10.1.1.1

 

Since Static NAT works in both direction is it right to say that ASA FW will respond to ARP request for any ip address on both Outside and DMZ interface ( due to any any)?

 

Thanks,

Ajay

 

Labels:
0 Helpful
3 Replies 3

Vibhor Amrodia
Cisco Employee
Cisco Employee

‎06-04-2015 12:35 AM

Hi,

It will do the Proxy Arp for the Mapped IP address in the NAT statement.

20.1.1.1 which is not existing physically anywhere in the network.

Thanks and Regards,

Vibhor Amrodia

0 Helpful

ajaymehra011
Level 1
Level 1
In response to Vibhor Amrodia

‎06-04-2015 12:51 AM

Even 10.1.1.1 should be considered a mapped address ( I think static is bi directional). Isn't there any significance of "any any" in relation to proxy arp? Wouldn't it cause ASA to respond to any ARP request on both Outside and DMZ?

0 Helpful

Vibhor Amrodia
Cisco Employee
Cisco Employee
In response to ajaymehra011

‎06-04-2015 02:50 AM

Hi,

When we are talking about the Proxy Arp on the ASA device interfaces , it will do that for the interfaces subnet automatically.

In case if NAT , the mapped range is also going to be included for addresses which will be proxy arped by the ASA device.

Thanks and Regards,

Vibhor Amrodia

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card