Arp-Cache 6506 vs. ASA 5510 with static NAT

Unanswered Question
Mar 22nd, 2010
User Badges:

Hi there,



I have got an ASA5510 connected to a 6506.
Behind the ASA  is an internal network and in the DMZ is a proxy-server.


6506 (=GW .137) -> ASA 5510 (outside .141) -> internal
                      |
                   DMZ (static NAT .138 -> 192.168.1.10)
                      |
                    Proxy (192.168.1.10)


After changing the ASA with an other ASA (newer software 8.2.2 for testing,
same config) the internet-connection works fine. The connection from the internal
network and internet to the proxy fails. The 6506 hasn't updated his arp-cache.


How can i force the update?


6506e1#sh arp | incl 302
Internet  x.x.x.137         -   0023.6506.3700  ARPA   Vlan302
Internet  x.x.x.138       104   0022.xxxx.2bc6  ARPA   Vlan302 (= new ASA)
Internet  x.x.x.141         1   0017.yyyy.8a5a  ARPA   Vlan302 (= old ASA)

6506e1#clear arp-cache interface vlan 302

6506e1#sh arp | incl 302
Internet  x.x.x.137         -   0023.6506.3700  ARPA   Vlan302
Internet  x.x.x.138       105   0022.xxxx.2bc6  ARPA   Vlan302
Internet  x.x.x.141         1   0017.yyyy.8a5a  ARPA   Vlan302


clear mac-address-table dynamic vlan 302

Fails also.


What can i do?

Regards
Marc

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
marcbujack Mon, 03/22/2010 - 08:18
User Badges:

Here a workarround:


6506e1(config)#int vlan 302
6506e1(config-if)#shu
6506e1(config-if)#no sh
6506e1(config-if)#exit


Regards

Marc

Actions

This Discussion