Arp problems with pix

johan.blom · ‎07-16-2001

I have two sites with problems with the arp cache and the alias command.

It seams like when I use pix 6.0(1) and the alias command it sometimes respond to an arp broadcast so the clients on the network get the pix mac adress and makes it inpossible for the users to access the server. I have tryed to add sysopt proxyarp, but with no luck. Anyone know how to fix this? It works perfect with 5.3.1 at another site.

I have added static arp in the pix but that won't work either ( and it had the right mac adress befor)

johan.blom · ‎07-17-2001

I have also deleted the alias command and done an clear xlate, but with no result.

jekrauss · ‎07-17-2001

A sysopt noproxyarp inside and a clear xlate should resolve the alias issue. Do a clear arp as well to clear out the old arp cache.

As far as establishing basic connectivity, it is wise to clear the arp cache on the routers connecting to PIX as well to clear out the MAC addy's of the devices that were previously connected to those routers.

Good luck!

johan.blom · ‎07-17-2001

I have done that with no luck. and the pix always had the right arp tabel, just the client machines get the pix MAC adresses sometimes. (quite ofen :(

Hmm so the router on the outside can respond with the pix mac adress? If so there have to be an bug in pix, as the machine wich the clients sometimes get wrong mac address for is on the same network as the pix.

And yes I use sysopt nopproxy arp inside ( and I don't use it on an 5.3.1 pix but it works fine anyway)