Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Preserving mac addresses from branch location

We brought a branch location online awhile back via a site to site T1 and a couple of 1841s. Everything is running great, but a problem I'm having is that the branch location client's mac address is showing up in my firewall logs as the mac for the 1841 FastEthernet interface on the Headquarters side. I would like to be able to preserve the clients mac addresses so that they show up in the firewall logs correctly. Thanks for the help

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Blue

Re: Preserving mac addresses from branch location

Jerrod

mac-addresses are not preserved across L3 hops so unless your branch is connected to the HQ site with a L2 link which would also mean the 1841 routers on either side would have to be bridging the connection, then you won't be able to preserve the mac-address.

So when the packets arrive at HQ and are sent from the 1841 to your firewall the src mac-address will always be the 1841 fast ethernet interface. The src IP will obviously be the client.

This is normal TCP/IP behaviour.

Jon

4 REPLIES
Blue

Re: Preserving mac addresses from branch location

Hi:

It seems as though proxy arp is enabled on your router's LAN interface.

HTH

Victor

Hall of Fame Super Blue

Re: Preserving mac addresses from branch location

Jerrod

mac-addresses are not preserved across L3 hops so unless your branch is connected to the HQ site with a L2 link which would also mean the 1841 routers on either side would have to be bridging the connection, then you won't be able to preserve the mac-address.

So when the packets arrive at HQ and are sent from the 1841 to your firewall the src mac-address will always be the 1841 fast ethernet interface. The src IP will obviously be the client.

This is normal TCP/IP behaviour.

Jon

Blue

Re: Preserving mac addresses from branch location

Wow, I read the post back asswards...:-)

Sorry, been a rough week. ..

Jon, naturally, is 100% correct. The source and destination IP addresses are always preserved, but the MAC-addresses are re-written by each forwarding device on a hop-by-hop basis.

Sheeew..that was bad one!

Jon, as a conciliatory gesture for being so stupid, I rated your post ;-)

Victor

Hall of Fame Super Blue

Re: Preserving mac addresses from branch location

Victor

No problem, i figured you just misread the question. You could trawl through my posts and find some really bad answers :-)

Jon

155
Views
5
Helpful
4
Replies
CreatePlease to create content