ASA 7.0 to 8.0

Unanswered Question
Oct 20th, 2007
User Badges:
  • Green, 3000 points or more

Upgraded a 5510 to 8.0 yesterday. At some point last night all access to inside services from the outside stopped. After several hours of complete frustration today trying to get it back up I found that a command had been added.

sysopt noproxyarp outside

Why would this have been added from the upgrade? Basically the outside router could not arp any of the addresses inside the firewall which prevented the outside services from functioning. I removed it and everything worked again. The reason it worked originally is because the arp was cached in the outside router for 4 hours. Wouldn't you think that would disabled by default?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
rleivaoc Sat, 10/20/2007 - 23:49
User Badges:
  • Cisco Employee,

Do you have the ASA boot-up output when you reloaded the ASA after the upgrade? This will show us what the upgrade script changed, and why.

acomiskey Mon, 10/22/2007 - 05:52
User Badges:
  • Green, 3000 points or more

No I don't sorry. I was too busy trying to get the clients services back up and running.


This Discussion