Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
570
Views
9
Helpful
1
Replies

Proxy arp on a firewall

rajeshiyer
Level 1
Level 1

‎04-03-2007 04:56 AM - edited ‎03-09-2019 05:43 PM

Hello All,

Could you tell me the reason behind enabling proxy arp on the PIX ?

What is its significance?

Thanks

Iyer

Labels:
0 Helpful
1 Reply 1

Jon Marshall
Hall of Fame
Hall of Fame

‎04-03-2007 12:58 PM

Hi

Arp is used to obtain a mac address from an IP address. For a machine to send a packet to another machine on the same network it needs to obtain the mac-address of that machine.

Now lets say you have this statement on your pix

static (inside,outside) 206.156.17.1 192.168.1.2 netmask 255.255.255.255

which says present the internal address of 192.168.1.2 as a public ip address 206.156.17.1 to users on the outside of the pix.

Proxy arp allows the pix to respond to arp requests for hosts behind it. So when an arp request is made for 206.156.17.1 the pix will respond with it's own mac-address, receive the IP packets and forward them on to the internal host 192.168.1.2.

Without proxy arp outside hosts would not be able to reach the 192.168.1.2 server.

HTH

Jon

Customers Also Viewed These Support Documents