[c-nsp] ASA 5510 - NAT
Gordon Bezzina
gordon.bezzina at bell.net.mt
Mon Aug 21 11:38:36 EDT 2006
Hi,
Instead of jumping of a three story building I'm gonna send this email.
Maybe someone will see what I am failing to!
Anyhow, I got an ASA5510 PIX firewall. What is happening is that the
internal machines on the LAN are getting the mac address of the internal
firewall interface for the other machines.
SO as you can see below:
C:\Documents and Settings\Administrator>arp -a
Interface: 172.21.100.130 --- 0x10003
Internet Address Physical Address Type
172.21.100.140 00-17-95-27-3f-80 dynamic
172.21.100.254 00-17-95-27-3f-80 dynamic
Server with IP 172.21.100.130 cannot ping and work with 172.21.100.140
Because it tries to use the same MAC address of the firewall!!!
Obviously if I do a static mac record to the arp table, it will work fine
But there must be something wrong here.
Anyone got something similar?
Any hints?
Thanks/Regards
Gordon
More information about the cisco-nsp
mailing list