Pix 535 7.2(3) and gratuitous arp

Unanswered Question
Mar 29th, 2009

I have a pair of Pix 525 firewalls in Active/Standby. They are frontended by a different pair of firewalls that are also in A/S failover with a pair of 2960 switches between them.

When the other firewalls fail over, the new active sends out a gratuitous arp to take over the shared IP address, but it appears that the Pix didn't honor it. I haven't performed a debug on it yet since it will require some downtime. I am planning on performing some in the near future but I was hoping that somebody has seen this before.

I have done a lot of googling and Cisco searches but I haven't found much.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
wdrootz Fri, 04/03/2009 - 12:53

If you are running PIX 6.2, you can use the failover mac address command to hardcode the MAC addresses to be used in failover


This Discussion