Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA ARP issue??

ASA's MAC address of the inside interface is populated in the CAM table of the switch it's connected to causing connectivity issues for devices in VLAN252.

ASA inside interface:

8: Ext: GigabitEthernet1/1 : address is 001f.6c3d.e287, irq 255

Switch CAM table:

Internet 10.153.252.111 9 001f.6c3d.e287 ARPA Vlan252

Internet 10.153.252.110 214 001f.6c3d.e287 ARPA Vlan252

Internet 10.153.252.109 214 001f.6c3d.e287 ARPA Vlan252

Internet 10.153.252.108 214 001f.6c3d.e287 ARPA Vlan252

Internet 10.153.252.107 82 001f.6c3d.e287 ARPA Vlan252

Internet 10.153.252.106 82 001f.6c3d.e287 ARPA Vlan252

Internet 10.153.252.105 82 001f.6c3d.e287 ARPA Vlan252

Internet 10.153.252.104 82 001f.6c3d.e287 ARPA Vlan252

Internet 10.153.252.103 82 001f.6c3d.e287 ARPA Vlan252

2 REPLIES
Bronze

Re: ASA ARP issue??

Hi,

I'm not sure if my issue I saw is the same as yours but I installed an ASA running 8.0.4 and ran into alot of packet loss on our DMZ. Turned out, the ASA was responding to ARP requests for hosts on the local LAN causing major packet loss my DMZ subnet. I seem to remember the systems affected were all VM's EXS hosts. I had to disable proxy arp on our DMZ ASA interface with "sysopt noproxyarp dmz" to stop the madness.

HTH

Silver

Re: ASA ARP issue??

Do you have static nat statements? The ASA will proxy-arp for anything configured in a static nat.

358
Views
0
Helpful
2
Replies
CreatePlease to create content