Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

strange issue with PIX

hi

i just connected to PIX to network

ips that i have assigned to pix, servers also exist in that subnet.

suddenlty i noticed servers are not getting proper reply cannot access them properly.

at end i notice that interface that was connected to pix ip were assing to that mac (that mac belong to pix)

I9MLSW01#show ip arp 001a.a2a4.71d6

Protocol  Address          Age (min)  Hardware Addr   Type   Interface

Internet  1.1.1.1          1   001a.a2a4.71d6  ARPA   Vlanx

Internet  1.1.1.20           1   001a.a2a4.71d6  ARPA   Vlanx

Internet  1.1.1.50           1   001a.a2a4.71d6  ARPA   Vlanx

Internet  1.1.1.60            1   001a.a2a4.71d6  ARPA   Vlanx

Internet  1.1.1.90           1   001a.a2a4.71d6  ARPA   Vlanx

Internet  1.1.1.230           1   001a.a2a4.71d6  ARPA   Vlanx

Internet  1.1.1.2            0   001a.a2a4.71d6  ARPA   Vlanx (that was original PIX ip)

after removing pix everything was normal.

Jawad       

Jawad
1 REPLY
Super Bronze

Re: strange issue with PIX

Hi,

I am not sure if I understand what you are saying.

It seems to me that you probably have a problem related to Proxy ARP enabled on the PIX interface connected to some LAN/DMZ network.

When Proxy ARP is enabled the PIX might reply to ARP requests even though it doesnt own the IP address for which MAC address the ARP request was for.

The command to disable Proxy ARP on an interface is

sysopt noproxyarp

for example

sysopt noproxyarp inside

So you should probably issue this command for the interface which has that IP address range and then try using the PIX again. Might be good to clear the ARP from the connected router/L3 switch also

- Jouni

95
Views
0
Helpful
1
Replies
CreatePlease login to create content