Hi,
One of our customers Watchguard firewalls appears to be responding to ARP
broadcasts with it's own MAC address on the trusted network. This is
causing major problems on the LAN. I am not familiar with Watchguard kit at
all, so does anyone know why this is happening (proxy ARP?) and how to turn
it off (if turning it off is the right solution)?
P.S. Please see the ARP table from the Firebox included below. All the ARP
mappings with flags of CMP contain the MAC address of the trusted interface
of the Watchguard.
Thanks,
D.
ARP Table:
Address HWtype HWaddress Flags Mask
Iface
192.168.1.240 ether 00:50:7F:26:F7:FF C
eth1
195.74.99.193 ether 00:20:6F:18:DE:46 C
eth0
192.168.1.178 ether 00:0F:1F:0F:D8:5A C
eth1
192.168.1.5 ether 00:07:85:A2:C9:29 C
eth1
192.168.1.10 ether 00:0B:DB:A9:52:A7 C
eth1
192.168.1.172 ether 00:48:54:50:12:0B C
eth1
192.168.1.201 ether 00:90:7F:20:90:15 CMP
eth1
192.168.1.203 ether 00:90:7F:20:90:15 CMP
eth1
192.168.1.186 ether 00:90:7F:20:90:15 CMP
eth1
192.168.1.194 ether 00:90:7F:20:90:15 CMP
eth1
192.168.1.196 ether 00:90:7F:20:90:15 CMP
eth1
192.168.1.202 ether 00:90:7F:20:90:15 CMP
eth1
192.168.1.192 ether 00:90:7F:20:90:15 CMP
eth1
192.168.1.191 ether 00:90:7F:20:90:15 CMP
eth1
192.168.1.189 ether 00:90:7F:20:90:15 CMP
eth1
192.168.1.195 ether 00:90:7F:20:90:15 CMP
eth1
192.168.1.190 ether 00:90:7F:20:90:15 CMP
eth1
192.168.1.181 ether 00:90:7F:20:90:15 CMP
eth1
192.168.1.183 ether 00:90:7F:20:90:15 CMP
eth1
192.168.1.184 ether 00:90:7F:20:90:15 CMP
eth1
192.168.1.188 ether 00:90:7F:20:90:15 CMP
eth1
192.168.1.197 ether 00:90:7F:20:90:15 CMP
eth1
192.168.1.182 ether 00:90:7F:20:90:15 CMP
eth1
192.168.1.187 ether 00:90:7F:20:90:15 CMP
eth1
192.168.1.185 ether 00:90:7F:20:90:15 CMP
eth1
DComTalk.com
Discussion of VoIP, VPN, Video Conferencen, DSL and other data commucations.
Watchguard ARP problem
4 posts
• Page 1 of 1
Re: Watchguard ARP problem
by Leythos » Fri Dec 09, 2005 12:19 pm
In article <43995e55$0$29574$da0feed9@news.zen.co.uk>, 123@123.com
says...
What model Firebox is it?
What firmware are you running?
When you posted this question on the WG Support Forums, what response
did you get?
I'm running a FireBox II and Firebox III/1000 and an X700 and X1000 at
several locations and have not seen this, but I'm also running the
latest firmware with service patches.
--
spam999free@rrohio.com
remove 999 in order to email me
says...
One of our customers Watchguard firewalls appears to be responding to ARP
broadcasts with it's own MAC address on the trusted network. This is
causing major problems on the LAN. I am not familiar with Watchguard kit at
all, so does anyone know why this is happening (proxy ARP?) and how to turn
it off (if turning it off is the right solution)?
P.S. Please see the ARP table from the Firebox included below. All the ARP
mappings with flags of CMP contain the MAC address of the trusted interface
of the Watchguard.
What model Firebox is it?
What firmware are you running?
When you posted this question on the WG Support Forums, what response
did you get?
I'm running a FireBox II and Firebox III/1000 and an X700 and X1000 at
several locations and have not seen this, but I'm also running the
latest firmware with service patches.
--
spam999free@rrohio.com
remove 999 in order to email me
- Leythos
Re: Watchguard ARP problem
by D » Fri Dec 09, 2005 12:21 pm
Hi Leythos,
I believe it's a Watchguard Firebox III/500 if that makes sense?
Don't know what firmware version is running at the moment.
I haven't posted on the WG Support Forums?
Thanks,
D.
"Leythos" <void@nowhere.lan> wrote in message
news:sLdmf.183110$tD4.19508@tornado.ohiordc.rr.com...
I believe it's a Watchguard Firebox III/500 if that makes sense?
Don't know what firmware version is running at the moment.
I haven't posted on the WG Support Forums?
Thanks,
D.
"Leythos" <void@nowhere.lan> wrote in message
news:sLdmf.183110$tD4.19508@tornado.ohiordc.rr.com...
In article <43995e55$0$29574$da0feed9@news.zen.co.uk>, 123@123.com
says...
One of our customers Watchguard firewalls appears to be responding to ARP
broadcasts with it's own MAC address on the trusted network. This is
causing major problems on the LAN. I am not familiar with Watchguard kit
at
all, so does anyone know why this is happening (proxy ARP?) and how to
turn
it off (if turning it off is the right solution)?
P.S. Please see the ARP table from the Firebox included below. All the
ARP
mappings with flags of CMP contain the MAC address of the trusted
interface
of the Watchguard.
What model Firebox is it?
What firmware are you running?
When you posted this question on the WG Support Forums, what response
did you get?
I'm running a FireBox II and Firebox III/1000 and an X700 and X1000 at
several locations and have not seen this, but I'm also running the
latest firmware with service patches.
--
spam999free@rrohio.com
remove 999 in order to email me
- D
Re: Watchguard ARP problem
by Leythos » Fri Dec 09, 2005 12:21 pm
In article <43997f97$0$29563$da0feed9@news.zen.co.uk>, 123@123.com
says...
There is an X/500, don't recall there being an III/500.
For the X/500, it's version 7.3 with 4 hot fixes.
They have a full online forum for registered users that you can access
from their support site - lots of people with lots of help/experience.
--
spam999free@rrohio.com
remove 999 in order to email me
says...
Hi Leythos,
I believe it's a Watchguard Firebox III/500 if that makes sense?
There is an X/500, don't recall there being an III/500.
Don't know what firmware version is running at the moment.
For the X/500, it's version 7.3 with 4 hot fixes.
I haven't posted on the WG Support Forums?
They have a full online forum for registered users that you can access
from their support site - lots of people with lots of help/experience.
--
spam999free@rrohio.com
remove 999 in order to email me
- Leythos
4 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 0 guests