Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

arp cache issue on firewall

Hi,I am running HSRP on my internal lan with the inside ethernet interface of my firewall on the same lan and plugged into the switch. There are 2 cisco routers - all wan links are terminated on Cisco1 and isdn is terminated on Cisco2. The active default gateway is pointed towards Cisco1 and the arp cahce on the PIX has this virtual ip address and mac address in its cache. If we loose this router, Cisco2 takes over and isdn is raised. However, the arp cache on the firewall gets stuck and we have to refresh the arp cache manually even though in theory, the virtual mac address and ip address does this change. Does anyone know why we have to refresh the arp cache

  • Other Security Subjects
1 REPLY
Bronze

Re: arp cache issue on firewall

Hi, there is a bug (CSCdv39306) that seems to document a problem similar to the one described by you,. However, the documented problem talks about a total loss of the default route's ARP entry. If by saying "arp cache on the firewall gets stuck" you mean loosing the cache entry totally, you should probably see this bug. The workaround seems to be configure a static mapping to the virtual MAC using the arp command with the alias option. To configure the same, please see http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_61/cmd_ref/a.htm#xtocid7

210
Views
0
Helpful
1
Replies