Re: ARP Poisoning?
- From: Arthur Brain <arthur_brain1@xxxxxxxxxxx>
- Date: Sun, 15 Jul 2007 19:02:41 -0700
Steven B wrote:
On Jul 11, 12:50 pm, "J.Cottingim" <jcottin...@xxxxxxxxx> wrote:
I then began thinking that this was an ARP problem and I have twice so
far gone in and done a "clear arp" on the ASA when I have users with
this problem and this fixes the problem too...
When you are experiencing the problem, before clearing the ARP cache
on the ASA, check to see the ARP entry for the client machine (the one
with the problem) matches the actual MAC.
If it matches, check the ARP entry for the next-hop router.
If that matches as well, you are not looking at an ARP poisoning
problem.
If they do not match, track down the offending MAC on the switched
network.
Also, do all of your VLANs use the ASA as a default gateway, or do you
have a router there. - It would help to know the topology of the
network in question.
Thanks
JC
No, none of the VLAN use the ASA as the default gateway. They all use
a 4006 which has different IP addresses assigned to the different
VLANs. I will take a look at the ARP entry's the next time this
happens (most likely tomorrow) and see what is up...
On the non-working clients, do the acquired DHCP details match the
details from the scope on the DHCP server? especially subnet mask?
Just wondering if you have a second DHCP service somewhere handing out
its own DHCP scopes.
.
- References:
- ARP Poisoning?
- From: Steven B
- Re: ARP Poisoning?
- From: J.Cottingim
- Re: ARP Poisoning?
- From: Steven B
- ARP Poisoning?
- Prev by Date: Re: ARP Poisoning?
- Next by Date: Re: ARP Poisoning?
- Previous by thread: Re: ARP Poisoning?
- Next by thread: Re: ARP Poisoning?
- Index(es):
Relevant Pages
|
|
