We help IT Professionals succeed at work.

We've partnered with Certified Experts, Carl Webster and Richard Faulkner, to bring you two Citrix podcasts. Learn about 2020 trends and get answers to your biggest Citrix questions!Listen Now

x

Cannot Ping between servers - Cisco Switch, PIX, NAT, HP server

Medium Priority
651 Views
Last Modified: 2012-05-06
I have the following setup.

2 HP servers
192.168.40.10 (88.88.88.88 - external NAT)
192.168.40.11 (88.88.88.89 - external NAT)

PIX
192.168.40.1 - Internal
88.88.88.87 - External

I have a PIX 515E with NAT enabled.  I cannot ping between servers.  
I have a cisco 3548 switch with 2 VLANs - VLAN 1 has 2 HP servers attached and Internal Interface of PIX, VLAN 10 all external serves and External interface of PIX.

When iIcheck the arp tables on the servers:
on server 192.168.40.10

Interface: 192.168.40.10 --- 0x10003
Internet Address      Physical Address      Type
192.168.40.1          00-13-80-d5-95-44    dynamic
192.168.40.11         00-13-80-d5-95-44     dynamic

On server 192.168.40.11
Interface: 192.168.40.11 --- 0x10003
  Internet Address      Physical Address      Type
  192.168.40.1          00-13-80-d5-95-44     dynamic
  192.168.40.10         00-22-64-c2-ee-a8     dynamic

As you can see on the 40.10 server the arp cache shows the mac ot the firewall.  I think this is the source of my problem and iIdo not know how to fix it.  Please help.

I have deleted and refreshed the arp cach on the switch and both servers and these were the results.

Thank you.


Comment
Watch Question

Top Expert 2009
Commented:
You can disable proxy ARP on the PIX to resolve this.  It's a workaround.:

conf t
sysopt noproxyarp inside

You may have an incorrectly configured static NAT on the PIX that is causing the PIX to ARP reply for the 192.168.40.11 address.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Are the ports for the the two servers (on the switch) set to access or trunk(for the VLAN)?
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.