Cloning MAC address on PIX 506E running 6.3(5)

jachung · ‎03-09-2007

Is it possible to change the mac address of the outside interface of a pix firewall (e.g PIX 506E) running 6.3(5)?

Background: My ISP bound the MAC address of my other firewall (SMC) when offering the DHCP lease. As a result, when I plug the PIX I am unable to get a proper DHCP lease.

----------------------------------------

BigI# sh debug

debug dhcpc packet

debug dhcpc error

debug dhcpc detail

BigI#

BigI# 411001: Line protocol on Interface outside, changed state to up

DHCP: allocate request

DHCP: new entry. add to queue

DHCP: new ip lease str = 0xf3fcac

DHCP: SDiscover attempt # 1 for entry:

Temp IP addr: 0.0.0.0 for peer on Interface: outside

Temp sub net mask: 0.0.0.0

DHCP Lease server: 0.0.0.0, state: 1 Selecting

DHCP transaction id: 0x60A588

Lease: 0 secs, Renewal: 0 secs, Rebind: 0 secs

Next timer fires after: 2 seconds

Retry count: 1 Client-ID: cisco-001a.a2a4.6172-outside

DHCP: SDiscover: sending 276 byte length DHCP packet

DHCP: SDiscover 276 bytes

DHCP Broadcast to 255.255.255.255 from 0.0.0.0....

DHCP: SDiscover attempt # 2 for entry:

Temp IP addr: 0.0.0.0 for peer on Interface: outside

Temp sub net mask: 0.0.0.0

DHCP Lease server: 0.0.0.0, state: 1 Selecting

DHCP transaction id: 0x60A588

Lease: 0 secs, Renewal: 0 secs, Rebind: 0 secs

Next timer fires after: 2 seconds

Retry count: 2 Client-ID: cisco-001a.a2a4.6172-outside

DHCP: SDiscover: sending 276 byte length DHCP packet

DHCP: SDiscover 276 bytes

DHCP Broadcast to 255.255.255.255 from 0.0.0.0

DHCP: SDiscover attempt # 3 for entry:

-------------------------------------

TIA.

Jason.

vitripat · ‎03-09-2007

Unfortunately we cant assign a different MAC address to interfaces in 6.x code. This is possible though from 7.2, 7.x code is not supported for PIX-506E. Our best bet here would be to get in touch with ISP and get the MAC address changed in their records.

Regards,

Vibhor.