Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

static translations via OSPF 7.0(4) to 8.0(2) upgrade

We have an ASA5520 running 7.0(4). This firewall has several static translations and it is announcing these out the outside interface via OSPF. I recently tried to upgrade to 8.0(2) and the firewall stopped announcing these translations. Why did this change?

2 REPLIES

Re: static translations via OSPF 7.0(4) to 8.0(2) upgrade

Matthew, refer to this thread as it seems you may have had the same issue with"sysopt noproxyarp outside" during upgrade process, if this is the case it is good for cisco to collect this info to try figuring out why this command is placed in fw when upgrading to 8.0 , this disables proxy arp , issue " show running-config sysopt" if seen as "sysopt noproxyarp outside" you must enable it by "no sysopt noproxyarp outside" in order for fw outside responds to arp request for your static translations to inside.

http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Security&topic=Firewalling&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.2cbe37a7

New Member

Re: static translations via OSPF 7.0(4) to 8.0(2) upgrade

I know that this is an extremely old thread but I thought that I should answer anyway.

My issue wasn't with proxy arp, it was with OSPF. Either by design or "feature", ASA versions < 7.2(3) (I think) advertised static translations via ospf. For example if I had the following:

static (inside,outside) 11.11.11.11 10.10.10.10 netmask 255.255.255.255

The ASA would advertise 11.11.11.11/32 though the outside interface. When I upgraded to 8.0, I lost this functionality.

107
Views
0
Helpful
2
Replies