[c-nsp] ASA replying to ARP packets for other hosts...
Gert Doering
gert at greenie.muc.de
Wed Sep 6 13:54:35 EDT 2006
Hi,
On Wed, Sep 06, 2006 at 10:17:35AM -0700, Joseph Jackson wrote:
> Its enabled by default because thats how static translations work. When
> you do a static the pix has to answer for the host since it isn't a
> layer 3 hop.
It's fine if the PIX does proxy ARP *for statically NATted* IP addresses.
Doesn't mean it should do proxy ARP for anything else.
But then, I never found any specific reason to like PIXen. And many to
dislike them. "Fixup protocol smtp", hah.
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany gert at greenie.muc.de
fax: +49-89-35655025 gert at net.informatik.tu-muenchen.de
More information about the cisco-nsp
mailing list