This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Matlu
Advisor
‎2023-10-29 02:11 PM
Jump to solution

ARP Table Cleanup.

Hello,

Is it possible to do a "cleaning" of the ARP table, in a GW Check Point (using the CLI, maybe)?

I have a problem with a web service posting using port 443.

The eth3 interface of our GW has the public pool 190.187.181.x/26

From that pool we are taking a free IP, and making a publication, but the service is not working.

We have "added" an entry in the Proxy ARP, to announce to the Router above, that we have the Public IP that we are using to publish, however, the service does not work, and it seems to be a problem with the ARP table.

We want to try doing a cleanup of this table. Is it possible?

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth3, link-type EN10MB (Ethernet), capture size 262144 bytes
12:40:48.771135 ARP, Request who-has 190.187.181.202 tell 190.187.181.253, length 46
12:40:50.769658 ARP, Request who-has 190.187.181.202 tell 190.187.181.253, length 46
12:40:55.767368 ARP, Request who-has 190.187.181.202 tell 190.187.181.253, length 46
12:41:03.825759 ARP, Request who-has 190.187.181.202 tell 190.187.181.253, length 46
12:41:10.849822 ARP, Request who-has 190.187.181.202 tell 190.187.181.253, length 46
12:41:17.843988 ARP, Request who-has 190.187.181.202 tell 190.187.181.253, length 46

Greetings.

0 Kudos
1 Solution

Accepted Solutions
Chris_Atkinson
Employee Employee
Employee
‎2023-10-30 06:34 AM
In response to Matlu
Jump to solution

Which order did you do things (config wise), have you tried installing policy again since?

CCSM R77/R80/ELITE

View solution in original post

0 Kudos
4 Replies
Chris_Atkinson
Employee Employee
Employee
‎2023-10-30 03:48 AM
Jump to solution

What do the following commands tell you about the new entry?

[Expert@HostName:0]# fw ctl arp

[Expert@HostName:0]# fw ctl arp -n

[Expert@HostName:0]# arp -a

[Expert@HostName:0]# arp -e

CCSM R77/R80/ELITE
0 Kudos
Matlu
Advisor
‎2023-10-30 06:08 AM
In response to Chris_Atkinson
Jump to solution

Hello,

These commands show me all the IPs we are using to publish services, for example:

x.x.x.198
x.x.x.199

The strange thing is that it does not "show" the x.x.x.202, which is the new IP that we have used for a publication.

But this IP is already added correctly in the Proxy ARP.

0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2023-10-30 06:34 AM
In response to Matlu
Jump to solution

Which order did you do things (config wise), have you tried installing policy again since?

CCSM R77/R80/ELITE
0 Kudos
Matlu
Advisor
‎2023-10-30 06:55 AM
In response to Chris_Atkinson
Jump to solution

Hello,

I have retrying the installation of policies, and now the public x.x.x.202 appears in the list of "fw ctl arp -n".

I have the impression that in the first installation I did, it was not applied correctly.

Thanks for the suggestion.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events