cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
199
Views
0
Helpful
0
Replies
Highlighted

Static Vs Dynamic NAT with no-proxy-arp

Hello!

 

I had an issue when I setup AnyConnect for a client on a FTD firewall using FMC. The issue was that their ISP is handing out static IP addresses to all their clients on a shared /23 network. I didn't specify no-proxy-arp, and after a few hours, the ISP shut off our internet because it was screwing with all their other customers.

 

I apologize for not fully understanding Static vs Dynamic NAT, though I have a basic understanding. The instructions I've been using tell me to do a static NAT rule to specify no nat for internal traffic, but I want to setup a hairpin as well. The instructions tell me to do a dynamic NAT rule for the hairpin. I'm able to check the box for no-proxy-arp on the static NAT, but it's greyed out for the Dynamic NAT. Does dynamic NAT just not use proxy-arp? or does it need to use proxy arp? Or am I missing something else?

 

Thanks,

Andy

0 REPLIES 0