Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

ARP problem with Cisco PIX

Unanswered Question
Jun 26th, 2003
User Badges:

I have a Cisco Pix 520E . The problem with this is that whever i try to ping a local server from another local server, the hardware address is that of the PIX firewall and finally the ping doesnt work.. This is leading to many server-to-server communication issues for me. Both the servers are behind the same pix firewall. When i take the arp of these servers and see, the servers will show that the other server has the ARP of the pix firewall. Do I need to do any setting on the pix so that the local servers communicate with each other smoothly?

Thanks in advance,


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
ywadhavk Thu, 06/26/2003 - 16:29
User Badges:
  • Cisco Employee,

Hi Ramesh,

This command might help you.

sysopt noproxyarp if_name

sysopt noproxyarp

By default, the PIX Firewall responds to ARP requests directed at the PIX Firewall's interface IP addresses as well as to ARP requests for any static or global address defined on the PIX Firewall interface (which are proxy ARP requests).

The sysopt noproxyarp if_name command lets you disable proxy ARP request responses on a PIX Firewall interface. However, this command does not disable regular (non-proxy) ARP request responses on the PIX Firewall interface itself. Consequently, if you use the sysopt noproxyarp if_name command, the PIX Firewall no longer responds to ARP requests for the addresses in the static, global, and nat 0 commands for that interface but does respond to ARP requests for its interface IP addresses.



ramesh.krishnan Thu, 06/26/2003 - 17:35
User Badges:

hi yatin,

thank you very much. my problem is resolved.!!!!




This Discussion