Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

PIX ARP entries...

I need to know how to permanently enter in an IP-to-MAC address in the PIX's ARP table. I know that I can change the amount of time that the entry stays in the table from the default, but I need to know how to make it stay in there until manually removed...

Any ideas?

4 REPLIES
Silver

Re: PIX ARP entries...

arp interfacename ipaddress macaddress

i.e, :

arp inside 1.1.1.1 aaaa.aaaa.aaaa

Community Member

Re: PIX ARP entries...

Thanks for the reply but that is not a permanent entry. The entry will on remain in there until the ARP table times out...

A member of TAC gave me a handle or option that would allow the entry to bypass the ARP table timeout.

Does anyone know how to do this?

Community Member

Re: PIX ARP entries...

are you sure? a static arp entry should stick. once you save it, it should be stored in nvram as part of the startup config. as far as i am aware only dynamically learned arp entries will time out. i have never had a problem with this as i have used this with on pix firewalls that are connected to the Internet in which this customer wants no external to internal access (not even icmp echo packets)

there was once a problem with that. it was fixed in like FOS 4.4

bug ID CSCds77371

Community Member

Re: PIX ARP entries...

Yes , I am sure... I think the default is like 14440 seconds (not positive thought). About every 4 hours the static arp entry disappears ..

I had an issue similar to this a couple years ago and there was this advanced option that the TAC rep recommended (which did work)...

397
Views
0
Helpful
4
Replies
CreatePlease to create content