The VPN 3030 Concentrator with software version 4.1 does not reply to the ARP if the public/private interfaces are in the same VLAN




This documents illustrates an issue faced by an user.


What is ARP?

ARP stands for Address Resolution Protocol. It converts IP address to its corresponding MAC address. It is a low-level network protocol,which operates at Layer 2 of OSI model.


What is Vlan?

VLAN can be defined as a virtual LAN. In other words we can say VLAN is a broadcast domain which is created by switch.


We need a VLAN when:

  • There are more than 200 devices on LAN
  • There is more broadcast traffic on LAN
  • A group of users requires more security or face issue of slow network due to too many broadcasts
  • A groups of users wishes to be in same broadcast domain as they are running the same applications.
  • We can convert a single switch into multiple virtual switches.

Core issue

This occurs when both the public and private VPN concentrator interfaces are connected to the same VLAN. This situation causes multiple entries in the Address Resolution Protocol (ARP) table.

This issue is due to the presence of Cisco bug ID CSCei07252.




As a workaround, perform one of these steps:

  • Use the entry from the ARP table that matches the connection ID.

  • Download and upgrade the code to any one of these versions, or the latest version:

  • 4.7(2)C

  • 4.1(7)I


