Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
772
Views
0
Helpful
1
Replies

Arp-Cache 6506 vs. ASA 5510 with static NAT

marcbujack
Level 1
Level 1

‎03-22-2010 05:35 AM - edited ‎03-06-2019 10:15 AM

Hi there,

I have got an ASA5510 connected to a 6506.
Behind the ASA  is an internal network and in the DMZ is a proxy-server.

6506 (=GW .137) -> ASA 5510 (outside .141) -> internal
                      |
                   DMZ (static NAT .138 -> 192.168.1.10)
                      |
                    Proxy (192.168.1.10)


After changing the ASA with an other ASA (newer software 8.2.2 for testing,
same config) the internet-connection works fine. The connection from the internal
network and internet to the proxy fails. The 6506 hasn't updated his arp-cache.


How can i force the update?


6506e1#sh arp | incl 302
Internet  x.x.x.137         -   0023.6506.3700  ARPA   Vlan302
Internet  x.x.x.138       104   0022.xxxx.2bc6  ARPA   Vlan302 (= new ASA)
Internet  x.x.x.141         1   0017.yyyy.8a5a  ARPA   Vlan302 (= old ASA)

6506e1#clear arp-cache interface vlan 302

6506e1#sh arp | incl 302
Internet  x.x.x.137         -   0023.6506.3700  ARPA   Vlan302
Internet  x.x.x.138       105   0022.xxxx.2bc6  ARPA   Vlan302
Internet  x.x.x.141         1   0017.yyyy.8a5a  ARPA   Vlan302


clear mac-address-table dynamic vlan 302

Fails also.

What can i do?

Regards
Marc

Labels:
0 Helpful
1 Reply 1

marcbujack
Level 1
Level 1

‎03-22-2010 08:18 AM

Here a workarround:

6506e1(config)#int vlan 302
6506e1(config-if)#shu
6506e1(config-if)#no sh
6506e1(config-if)#exit

Regards

Marc

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card