Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

How do you make the PIX respond to ARPs for translated addresses?

Pix has outside and inside addresses. The outside is a full class C.

I have a device on the inside network that I want to be accessable from the outside. I have done the translation statement and added an entry to the outside interface access list to allow a specific service incomming to the inside object.

Unfortunately, the PIX does not respond to ARP on behalf of the inside object. If I configure a static route on my outside gateway router pointing the specific public address of the inside object to the PIX, then everything works. I don't want to have to do this for every inside object that needs to be publicly accessed.

Surely this can be done, the question is, how?

1 REPLY
Cisco Employee

Re: How do you make the PIX respond to ARPs for translated addre

By default the pix would proxy arp for the hosts it

is statically translating. You could disable this functionality if you have something like:

sysopt noproxyarp

So check your config, if you have this pointing to the outside interface. Proxy arp is on by default on the outside, and disabled on the inside interface.

96
Views
0
Helpful
1
Replies