From: Roberts, Larry (Larry.Roberts@expanets.com)
Date: Thu May 15 2003 - 10:22:38 GMT-3
I would check your global statement to be sure that the .1 is not in the
range.
I would also check through all your static's to make sure that you don't
have a static set to .1
Thanks
Larry
-----Original Message-----
From: Phil Virnoche [mailto:p.virnoche@verizon.net]
Sent: Thursday, May 15, 2003 7:05 AM
To: ccielab@groupstudy.com
Subject: OT: PIX answering ARP for other IPs on segment
(An " ATTA-BOY " award to anyone that can solve this one !!! )
Good morning all-
I have a real head scratcher that I can't find anything documented on. Here
is my setup:
INTERNET --------- Border Router (10.10.10.1) ---------- Switch
--------------- ( 10.10.10.2) Pair of PIX 520's in failover -( 6.2.2 OS
)
Off of the switch I have an Aventail VPN server with an IP of 10.10.10.5 ,
and the default gateway set to 10.10.10.1
Now here is the problem: I could not establish a session with the Aventail
from the outside so I set up a SPAN port on the switch and sniffed the
INGRESS port from the Border Router. I saw the traffic coming in. Next I
sniffed the EGRESS port from the switch to the Aventail and saw traffic
coming in, AND the Aventail answering !!! But where in the "H" "E" double
tooth picks was it going???? After a few choice swear words and another hour
of troubleshooting I discovered that the ARP cache on the Aventail had an
entry pointing the 10.10.10.1 to the MAC of the PIX !!!!! I immediately
cleared the ARPS on the PIX and the Router and Aventail. Initiated a
continuous ping from the Aventail to the 10.10.10.1. WAH-LA , I could now
establish my VPN connection ! As long as I leave the continuous PING running
on the Aventail, everything works, but if I don't, the ARP cache times out
and the PIX once again answers the ARP for the 10.10.10.1
Anyone ever experienced this ODD behavior before? How did you fix it? ANY
info would be greatly appreciated !!
Regards-
Phil
This archive was generated by hypermail 2.1.4 : Mon Jun 02 2003 - 15:13:43 GMT-3