Proxy arp on a firewall

Unanswered Question
Apr 3rd, 2007

Hello All,

Could you tell me the reason behind enabling proxy arp on the PIX ?

What is its significance?



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
Jon Marshall Tue, 04/03/2007 - 12:58


Arp is used to obtain a mac address from an IP address. For a machine to send a packet to another machine on the same network it needs to obtain the mac-address of that machine.

Now lets say you have this statement on your pix

static (inside,outside) netmask

which says present the internal address of as a public ip address to users on the outside of the pix.

Proxy arp allows the pix to respond to arp requests for hosts behind it. So when an arp request is made for the pix will respond with it's own mac-address, receive the IP packets and forward them on to the internal host

Without proxy arp outside hosts would not be able to reach the server.




This Discussion