Filter
Top Products
11-46
Cisco ASDM User Guide
OL-16647-01
Chapter 11 Configuring Dynamic And Static Routing
Proxy ARPs
Modes
The following table shows the modes in which this feature is available:
Proxy ARPs
In rare circumstances, you might want to disable proxy ARP for global addresses.
When a host sends IP traffic to another device on the same Ethernet network, the host needs to know the
MAC address of the device. ARP is a Layer 2 protocol that resolves an IP address to a MAC address. A
host sends an ARP request asking “Who is this IP address?” The device owning the IP address replies,
“I own that IP address; here is my MAC address.”
Proxy ARP is when a device responds to an ARP request with its own MAC address, even though the
device does not own the IP address. The security appliance uses proxy ARP when you configure NAT
and specify a global address that is on the same network as the security appliance interface. The only
way traffic can reach the hosts is if the security appliance uses proxy ARP to claim that the security
appliance MAC address is assigned to destination global addresses.
Fields
• Interface—Lists the interface names.
• Proxy ARP Enabled—Shows whether proxy ARP is enabled or disabled for NAT global addresses,
Yes or No.
• Enable—Enables proxy ARP for the selected interface. By default, proxy ARP is enabled for all
interfaces.
• Disable—Disables proxy ARP for the selected interface.
Modes
The following table shows the modes in which this feature is available:
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• •— • —
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• • • •—