I take it this is something to do with testing the default gateway. Does it make sure the gateway is still there, otherwise tries for something that will respond with a proxy ARP? Can you change the default gateway to the 6509 and let it route to the firewall if necessary. Not going to stop the pings, but won't clog the log. I wouldn't have thought it's ideal to have the firewall as default gateway anyway. Can the firewall redirect inside if necessary?
Totally guessing to be honest, anybody else know for sure. Gaz ""Wilson, Christian"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I have 4 2948g's in 4 different wiring closets all wired to a core 6509 > through gig uplinks. The interfaces on the switches are all assigned to > VLAN 2, my management VLAN. The only way to access VLAN 2 is through a > checkpoint firewall running NG. All switches have the firewall interface > address as their default gateway. I am able to telnet to all switches and > manage them remotely just fine. I am able to ping all other subnets in my > network from the switches, routing seems fine. > > My firewall logs show that all five switches are constantly pinging the > firewall interface, icmp-type 8 icmp-code 0. No one is connected to my > switches issuing a ping. These are echos, not echo-replies. When I run a > sniffer on the VLAN, I show nothing going to the swithes in the way of IP > traffic, just the echos coming from the switches. Each 2948g has about 15 > 2924-xl-en's attached to it through trunking. None of the 2924's are trying > to ping the firewall, although they all have the same VLAN assignment on > their mgmt interfaces, the same default gateway, and are in the same subnet. > There is no CGMP enabled, no DNS, no IP redirects. The icmp packets have a > TTL of 1, the sniffer reporting a TTL expired message. The icmp traffic is > constant, one every second. How can I stop this? Why is it happening? Why > don't my 2924's ping but my 2948g's and 6509 do? Please help! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=44897&t=44897 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
