LMS 3 - UT with Cisco PIX 506

ashley_dew · ‎05-17-2008

Hi,

I have a problem with remote site and UT. The UT returns the correct MAC and port but no IP address.

It seems to IP resolution is done at the Router end.

The problem here is that the configuration is such:

Router---> PIX 506E--->Switch

The PIX 506E been the default gateway of the subnet, so I guess the UT cannot get the ip arp from PIX.

The PIX has been discovered and collected by CM.

Is there a work around ?

Thx

Joe Clarke · ‎05-17-2008

The PIX, ASA, and FWSM devices are not supported by Campus Manager since they do not support CDP. therefore, you will not be able to get the ARP caches from these devices. What I've had luck with in my lab is setting up a sacrificial router on the same subnet as the PIX which does nothing but collect ARP entries. On this device, I disable IP routing, and set the ARP age timer to maximum. This isn't a perfect solution, but it does capture a lot of the ARP entries.

Joe Clarke · ‎05-17-2008

I should also add that if you leave IP routing enabled on the sacrificial router, and point all end hosts to this router as their default gateway (and configure the router to forward all its traffic to the PIX), then the ARP cache will be much more complete.

ashley_dew · ‎05-18-2008

Yes, that is a good idea, however, the PIX is acting as VPN endpoint for a site to site VPN connection, so it is not possible.

Thx,

Ashley

ashley_dew · ‎05-18-2008

Ok,

I see you're point. Thx for the clarification.