×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

ASA 8.4 and proxy-arp for static with service

Unanswered Question
Nov 10th, 2011
User Badges:

Hi, I know there's the bug CSCti38867, but today I've verified that ASA 8.4(2) does proxy-arp on outside interface for static like that:


static (inside,outside) static private_ip public_ip


but not for static like that:


static (inside,outside) static private_ip public_ip service tcp-ftp tcp-ftp


is that a know bug ?


thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Maykol Rojas Thu, 11/10/2011 - 20:43
User Badges:
  • Cisco Employee,
  • Participante Destacado,

    Mejor Publicación, Diciembre del 2015

ASA should proxy ARP for port forwarding as well.


Now, as the bug says, it is on release pending and it says, asa MAY fail to proxy ARP, so the fact that it works for some IPs or in other ASAs can be an option.


In order to identify if it is because of this same bug, you will need to setup a capture type ether-type arp and check on the ARP request from the upstream router and check if the FW is getting it, if it does but it does not answer, then it is because of this same bug.


Mike

r.spiandorello Fri, 11/11/2011 - 01:37
User Badges:

OK, I'll verify with the capture type ether-type arp, anyway can I solve the issue with the arp command with alias option ?


Thinking to update the ASA version, I've found an 8.4(2)-8 interim but I cannot find the 8.5 ...


Renato

Maykol Rojas Fri, 11/11/2011 - 08:46
User Badges:
  • Cisco Employee,
  • Participante Destacado,

    Mejor Publicación, Diciembre del 2015

Nope,


The way to temporally solve it until the bugs throws out a version that will fix this problem will be putting an static ARP entry on the upstream router.


Mike

Actions

This Discussion