RE: Unusual behaviour of PIX

["Patrick Doyle" <patrick.doyle () bbc co uk>]

Proxy arp is on by default on the PIX.
 
Your WAN clients could be getting the Mac Address of the PIX, instead of the DHCP server when trying to obtain an IP 
address via DHCP.
 
You can turn off proxy arp by using
 
sysopt noproxyarp if_name
 
This could break NAT tho', another way of doing this would be to create a static arp entry for your DHCP server on the 
PIX
 
arp if_name ip mac 
 
www.cisco.com should be able to help you out with any such queries.
 
Paddy

-----Original Message-----
From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com]On Behalf Of 
jacobjango
Sent: 16 February 2004 06:46
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] Unusual behaviour of PIX


PIX 505/506/515
FOS: 6.2
 
I configured DHCP Server on inside*LAN* network and DHCP Client on Outside *WAN* network, 
DHCP server pool (192.168.100.100-192.168.100.110)<<for testing purpose>
 
Observation:: for some time my wan network went dead and on Rebooting PIX it took IP address of Private 
Network.<<192.168.100.103>>
 
My point here is Inbound and outbound are two different intrefaces and are designed to do specific task. How come the 
above happened any theories.
 
Azhar M.W.
Hyderabad

 


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system ( http://www.grisoft.com).
Version: 6.0.585 / Virus Database: 370 - Release Date: 11/02/2004