Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi folks...
Haven't posted in a while so I hope this is the right place. I bounced this off of the TAC guys and they said this should work....alas it does not.
We have two ASA failover pairs. One pair handles inbound/outbound web traffic and we are...
Same here. I referenced this thread and the link above in my last email to the Cisco tech working on my case...
*sigh*
The 'half baked' upgrades are becoming more common.
From Cisco TAC...
"When no sysopt noproxyarp outside is enabled on both the ASA pairs (ASA Web traffic, ASA VPN) , then they do a proxy arp for same inside subnet 10.10.10.0/24(directly connected on inside), thus mapping there outside interface mac a...
We are able to duplicate this issue in our test environment.
When proxy-arp is enabled on the active interfaces of both ASA pairs in the diagram the outside interface of the web traffic pair will eventually crash. The crashed interface can be tempor...
So after some research we decided to set this up in a test-ish environment. With proxy-arp disabled on all interfaces in the ASA VPN pair (using the sysopt noproxyarp <interface>) everything is stable. Proxy-arp is still enabled on the ASA web traffi...
