R1---inside----2xASA ---outside---R2--------R3 Background: 1. I have 2 x asa configured in A/A multi-context mode. 2. C1 is active on asa1 and C2 is active on ASA2. 3. The redundant/outside interface has 2 physical ports (e0/0 and e0/1) 4. e0/0 is active in ASA1 and e0/1 in ASA2
Everything works as usual when both firewall in the above asci diagram are turned "ON". To save some power, I have shutdown 1xASA2. Only ASA1 is in the picture when issue occurs. The issue: Whenever I reboot R2, I always get below duplicate ARP entries in R2's MAC table. a) R2 to C1 PINGS OK b) R2 to C2 doesn't ping because duplicate mac To fix it, I have to do "clear arp" on ASA1 C2. C2 start working. R2#show arp Protocol Address Age (min) Hardware Addr Type Interface Internet 3.3.15.254 52 12ff.0100.0100 ARPA FastEthernet0/0 Internet 3.3.15.253 51 12ff.0100.0100 ARPA FastEthernet0/0 Internet 3.3.15.115 52 111.c7e3.1111 ARPA FastEthernet0/1 I don't understand why rebooting R2 is getting duplicate arp. After claring ARP table on C2 I see diffreent ARP in R2's MAC table. Any idea? I am just pulling my hair. ASA is running 8.0(3)., I have changed R2 and put R3 or R4 - problem remains the same. Even hooked a router with IOS v.15, and it made no difference.
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
