jpguillebaud
asked on
Cisco PIX 515E firewall produces incorrect ARP responses
We have a CISCO PIX 515E firewall (software version 6.2(2)). Unfortunately, there appears to be an issue with the ARP table. Whenever a server on our network sends a broadcast ARP request to determine the MAC address of another server, the firewall always responds with the MAC address of the firewall, causing the requesting server to receive 2 MAC addresses for the IP address in question. As a result, the requesting server occasionally assigns the incorrect MAC addresss for that IP address preventing IP packets from travelling between the two servers.
Do you know if there is likely to be a bug in the firmware for the firewall? And/or is there a way to configure this firewall to ignore any ARP requests? To get around this, we have created static entries in the ARP tables on all the servers.
Do you know if there is likely to be a bug in the firmware for the firewall? And/or is there a way to configure this firewall to ignore any ARP requests? To get around this, we have created static entries in the ARP tables on all the servers.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Not as a proxy server per-say, but it has a tendency to answer up arp for anything within its assigned subnet.
ASKER