Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Arp-Cache 6506 vs. ASA 5510 with static NAT

Hi there,

I have got an ASA5510 connected to a 6506.
Behind the ASA  is an internal network and in the DMZ is a proxy-server.

6506 (=GW .137) -> ASA 5510 (outside .141) -> internal
                      |
                   DMZ (static NAT .138 -> 192.168.1.10)
                      |
                    Proxy (192.168.1.10)


After changing the ASA with an other ASA (newer software 8.2.2 for testing,
same config) the internet-connection works fine. The connection from the internal
network and internet to the proxy fails. The 6506 hasn't updated his arp-cache.


How can i force the update?


6506e1#sh arp | incl 302
Internet  x.x.x.137         -   0023.6506.3700  ARPA   Vlan302
Internet  x.x.x.138       104   0022.xxxx.2bc6  ARPA   Vlan302 (= new ASA)
Internet  x.x.x.141         1   0017.yyyy.8a5a  ARPA   Vlan302 (= old ASA)

6506e1#clear arp-cache interface vlan 302

6506e1#sh arp | incl 302
Internet  x.x.x.137         -   0023.6506.3700  ARPA   Vlan302
Internet  x.x.x.138       105   0022.xxxx.2bc6  ARPA   Vlan302
Internet  x.x.x.141         1   0017.yyyy.8a5a  ARPA   Vlan302


clear mac-address-table dynamic vlan 302

Fails also.

What can i do?

Regards
Marc

1 REPLY
New Member

Re: Arp-Cache 6506 vs. ASA 5510 with static NAT

Here a workarround:

6506e1(config)#int vlan 302
6506e1(config-if)#shu
6506e1(config-if)#no sh
6506e1(config-if)#exit

Regards

Marc

609
Views
0
Helpful
1
Replies