[c-nsp] ASA 5510 - NAT
Joseph Jackson
JJackson at aninetworks.com
Mon Aug 21 13:24:46 EDT 2006
Try this on the interface givng you the problem. Sysopt noproxyarp
(interface)
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Gordon Bezzina
> Sent: Monday, August 21, 2006 8:39 AM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] ASA 5510 - NAT
>
>
> Hi,
>
> Instead of jumping of a three story building I'm gonna send
> this email.
> Maybe someone will see what I am failing to!
>
> Anyhow, I got an ASA5510 PIX firewall. What is happening is
> that the internal machines on the LAN are getting the mac
> address of the internal firewall interface for the other machines.
>
> SO as you can see below:
>
> C:\Documents and Settings\Administrator>arp -a
>
> Interface: 172.21.100.130 --- 0x10003
> Internet Address Physical Address Type
> 172.21.100.140 00-17-95-27-3f-80 dynamic
> 172.21.100.254 00-17-95-27-3f-80 dynamic
>
> Server with IP 172.21.100.130 cannot ping and work with
> 172.21.100.140 Because it tries to use the same MAC address
> of the firewall!!!
>
> Obviously if I do a static mac record to the arp table, it
> will work fine But there must be something wrong here.
>
> Anyone got something similar?
>
> Any hints?
>
> Thanks/Regards
> Gordon
>
>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list