Bad arp entry help

Hello EE,

One server "storage" gets a bad arp entry in the local arp cache for all users on the network and therefore users cannot connect . Once I delete the arp entry locally on a client pc for "storage" , then receive the correct ip to mac entry it works . The "bad mac" entry for storage  appears to be the cisco pix, I cleared the arp cache there as it did have a bad entry for "storage" . The pix arp cache is correct, however, users still receive a bad arp entry for "storage" , again, it is the cisco pix mac address. So again , have to use arp -d and the storage ip to get it to work again .

Any ideas?
davesnbAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

harbor235Commented:
Do they share the same IP address? By bad you mean its not the mac of the storage device but the MAC of the PIX.

harbor235 ;}
0
davesnbAuthor Commented:
There is no ip conflicts on the network . There is an incorrect arp entry that occurs locally on al client pcs , the mac address is the mac address which is  the pix , when it should be the mac address of storage box. This results in users unable to connect to storage box.
0
harbor235Commented:
So I assume the default gateway is the PIX? in that case your arp tables should have an entry for the PIX. That being said
is the default GW IP associated with the bad entry?

Can you post your arp table (arp -a) and the result of "netstat -rn" for UNIX or route print on windows


harbor235 ;}
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

harbor235Commented:
The other possibility is malicious code being executed by some system on your network to redirect traffic. I would put a sniffer on the network and locate the source of the bad arp entries if my other questions are not applicable.


harbor235 ;}
0
lrmooreCommented:
Disable proxyarp in the pix inside interface
0
davesnbAuthor Commented:
Ok will try those suggestions thanks
0
davesnbAuthor Commented:
By unteaming the nics on the "storage" box and using the good nic as per the arp table when connections were successful , this seems to have resolved the issue.
0
davesnbAuthor Commented:
Arp table was useful in tracking down the  problematic nic card .
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.