AnsweredAssumed Answered

Proxy Arp's for subnet not on firewall

Question asked by Juan Concepcion on Sep 10, 2017
Latest reply on Sep 13, 2017 by Juan Concepcion

I have run into this several times where I create proxy arp(s) on external interface of the firewall for a distinct subnet so for example:

 

Firewall interface 1.1.1.2

NAT: 2.2.2.2

add arp proxy ipv4-address 2.2.2.2 interface eth1 real-ipv4-address 1.1.1.2

 

the firewall does not respond for the proxy arp(s) but rather routes it back to it's default gateway.  It's not until I add in a static route with reads:

 

add static-route 1.1.1.2/32 nexthop gateway logical eth1

 

that it will start responding for the arps.  Is this expected behavior??

 

--Juan 

Outcomes