ASA ignoring gratuitous ARP

Unanswered Question
May 8th, 2008

Hi there, I have a pair of F5 Firepass SSL VPN devices. They are sitting behind a pair of ASA's. When the Firepass devices fail over they send a gratuitous ARP informing of the MAC change but the ASA ignores this. The only way I can resolve it is to cleat the ARP on the Firewalls. I searched existing posts here and found a similar topic but not much repsonse. Has anybody seen this before?

Any help appreciated.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
smahbub Wed, 05/14/2008 - 05:52

check if the source and dest IP addresses in the ARP are the same.

can you provide the following information which will help us in identifying the issue better and resolving the same:

1) The output of "sho np 3 stats | inc ARP", then fail the CSS over,

and capture the output again.

2) Create a capture on the FWSM, and capture the ARP traffic to verify

the CP is actually getting the Grat. ARP packet


This Discussion