Sh arp does not show mac address of IP --- ASA
Hi Everyone,
I can ping the IP from the ASA but when i do sh arp it does not show me mac address od that IP.
Need to know the reason behind this.
Regards
MAhesh
So your ASA should have a route on the inside interface to internal networks. The address of that next hop in the routing table is the one you should have in your arp table allowing you to reach non-directly-connected (subnet-wise) hosts within the scope of that route statement.
Think through the logic - ASA pings a host. It needs to determine proper egress interface. It checks and asks "Is it reachable via a directly connected interface (most preferred route)?" Answer no. "Do I have a route statement telling me how to get to it?" Answer yes (otherwise use default). OK - so ASA sends packet out egress interface defined in that route statement to the next hop as defined in route statement and waits for reply.
Similar Messages
-
Dladm does not show mac address for aggr
All,
When I run dladm show-aggr for my two aggr interfaces, I have one not displaying its MAC. Anyone a clue how I can get this sorted?
key: 2 (0x0002) policy: L2 address: 0:14:4f:da:13:e8 (auto)
device address speed duplex link state
nxge2 0:14:4f:da:13:e8 1000 Mbps full up attached
nxge3 <unknown> 1000 Mbps full up attachedCheers,
Davy
Edited by: Davy_S on Apr 18, 2009 1:52 AMI had the same problem. SUN support recommends latest kernel patches. That solved my problem.
-
Express does not show IP address of wireless camera
I have a functioning Axis M1011 wireless camera, with a live stream into Safari on my local iMac. All is well.
My brand new Airport Express is definitely providing the wireless camera feed, as my internal airport card on my iMac is OFF.
What is odd is that Express does not show IP address of the wireless camera when you click on it in Airport Utility.
The iMac is static at 10.0.1.2. Express LAN IP is static at 10.0.1.1. The camera's wireless IP is static at 10.0.1.3.
I have a working, hidden network created by express.
I am baffled why express does not "report" the IP address of the camera that it definitely sees.
It does not report any wireless clients at all.
Any ideas?
Thanks.
macSo your ASA should have a route on the inside interface to internal networks. The address of that next hop in the routing table is the one you should have in your arp table allowing you to reach non-directly-connected (subnet-wise) hosts within the scope of that route statement.
Think through the logic - ASA pings a host. It needs to determine proper egress interface. It checks and asks "Is it reachable via a directly connected interface (most preferred route)?" Answer no. "Do I have a route statement telling me how to get to it?" Answer yes (otherwise use default). OK - so ASA sends packet out egress interface defined in that route statement to the next hop as defined in route statement and waits for reply. -
safari does not show url address line anynore. google is taking up most of the space on the safari page
Hover the cursor over that line until it becomes a big plus sign with arrows on the left and right. Click and drag the cursor so that the rest of the address line is the way you want it.
(66963) -
RE1000 - Does not filter MAC ADDRESS
I bought this to extend the range of my new Linksys 3200, thinking that they would be compatible. Silly me! After spending 3 plus hours screwing around with this, I got online and happened to stumble on a post from another user, that stated that this device DOES NOT FILTER MAC ADDRESSES! So, if you want to use mac filtering you can't use this! Ridiculous! Some basic instructions to inform users of this fact would be helpful. But it comes with no manual or instructions whatsoever. Save your money.
I have a E2500 router, I was adding the Extender because of the size of the office. I set my router up to "Permit only" Mac IDs', right there I should have questioned why nothing worked. The Package & the base of the unit both had a matching MAC ID - to bad that the unit had a different one. I don't remember how much time I spent but finally disable the MAC ID Filter on the router and got the real one. From that point on, everything worked, I even was able to setup with the router internal security switch. Just think how a little thing like an ID would make an IT Guy just a little more mis-trustful, not count the grey hair.
-
ARP cache not adding MAC address
Hi,
We have a network in the company where visitors\customers can connect their PCs to pick up a IP address & access the internet via our cluster of Checkpoint firewalls. The problem we are having is that whenever somebody with a Mac tries to use this network they cannot access the internet although it works fine for all Windows based PCs. So to investigate I got hold of a IBook & made the following observations.
The gateway provided by the DHCP servers is a IP address (192.168.48.203) on a multicast mac address that represents both of the firewalls, which in turn have a physical address of 192.168.48.201 & 192.168.48.202 respectively. This is done to provide redundancy.
What happens on the IBook is that it picks up a DHCP address as well as the DNS & gateway address as supplied by the DHCP server, but then when you try to access the internet you have no joy. If you check the arp table you will then notice that the table have not been updated with the mac address of the 192.168.48.203 gateway. If you then manualy add the mac address of 192.168.48.203, using arp -s, it works fine or if you staticaly configure the IP address settings to use either 192.168.48.201 or 202 as gateways (which have unicast mac addresses) it also solves the problem & immediately updates the arp cache with the mac addresses of either of these two interfaces depending on which one you are using.
We put a sniffer on the network & could see that the mac address for 192.168.48.203 is being passed on to the IBook but for some reason it just does not update the arp cache with this details. Also tried this on some of the other networks we are running that uses the same concept & the same thing happens. As I mentioned no Windows hosts are having this problem & immediately updates their arp details to include the mac address of the .203 address.
On a Mac after obataining a DHCP address & running "netstat -r" you get the following:
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.48.203 UGSc 5 5 en1
127 localhost UCS 0 0 lo0
localhost localhost UH 9 2477 lo0
169.254 link#5 UCS 0 0 en1
192.168.48/22 link#5 UCS 1 0 en1
192.168.48.203 link#5 UHRLW 4 30 en1
192.168.51.1 localhost UHS 0 1 lo0
Then after adding the mac address manualy it looks as follows & works fine:
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.48.203 UGSc 26 6 en1
127 localhost UCS 0 0 lo0
localhost localhost UH 9 12353 lo0
169.254 link#5 UCS 0 0 en1
192.168.48/22 link#5 UCS 0 0 en1
192.168.48.203 1:0:5e:7c:0:48 UHLS 26 28 en1
192.168.51.1 localhost UHS
Any ideas why this is happening ?
Regards
IBook G4 Mac OS X (10.4.3)Hi,
I am facing exactly the same problem here with an iMac G5. I have called the apple support and the conclusion was that they have no clue for that and we should wait for an update that will hopefully resolve this.
I was also aksing them if there was a way in the mac to set a static mac address for the gateway in the macintosh so I don't have to run the terminal and type the arp -s every time I start up. They said it is out of the kind of support they can provide... Do you have an idea on how to add a static ARP entry in the table ?
Thank you. -
ARP table not populating mac address for previously reachable IP address
Router has been online and working fine with one BGP neighbor for almost 2 years and no downtime. 2 weeks ago, added a 2nd BGP peer. Everything worked fine for 2 weeks, then all of a sudden yesterday the 2nd BGP peer is disconnected and does not come back. ISP checks and sees everything looks fine on their end. We cannot even ping each other now.
Upon investigation, the ARP table is not even populating the MAC address for the BGP peer IP anymore (same local subnet). Stays "incomplete" in the table no matter what we do, including clearing arp table, changing IP address, etc.
Plug a laptop directly into the 2nd BGP peer FE port and replicate the IP addressing. Laptop cannot ping Router, but Router CAN ping laptop. Check ARP table, but STILL no mac address assigned and now not even the ARP table showing "incomplete".
Thinking it could be the FE interface, switch to the 2nd FE interface and perform same laptop test, this time with arbitrary IP addressing. Now cannot ping each other, no MAC in ARP table.
End up rebooting the router and lo-and-behold, everything is working normally again. 2nd BGP peer peers up instantly.
I should also mention that the 1st BGP peer worked flawlessly throughout, taking all the Internet load and having no issues throughout.
Also, the FE ports for the 2nd BGP peer are on an HWIC FE card plugged into the router. The 1st BGP peer is plugged into the built-in GE interface. 2901 running: c2900-universalk9-mz.SPA.151-4.M4.bin
Lastly, no router resource issues, no error messages, no logs. Just the BGP peer disconnecting.
I have never, in 20 years working with Cisco routers seen something like this before. This is the most fundamental aspect of IP and Ethernet that was not working.
Has anyone ever seen this behavior before??
Here is the router config (IP's changed):
version 15.1
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service internal
service sequence-numbers
boot-start-marker
boot-end-marker
logging buffered 150000
aaa new-model
aaa authentication login LAUTHEN local
aaa authentication login TAUTHEN local group tacacs+ enable
aaa authorization console
aaa authorization exec LAUTHOR local if-authenticated
aaa authorization exec TAUTHOR local group tacacs+ if-authenticated
aaa session-id common
clock timezone PST -8 0
clock summer-time PDT recurring
no ipv6 cef
no ip source-route
ip cef
no ip domain lookup
multilink bundle-name authenticated
username ubiadmin privilege 15 secret 4 .JbeuWXuZvchrG0OL.5BftFtqrrEyxcnVHn5rIuCnTk
username umitsnoc01 privilege 15 secret 4 cUmoRUjey9O1x.wk9S.kleX.iAAhCwihupr6Z98p6OA
redundancy
ip ssh version 2
track 1 interface GigabitEthernet0/0 line-protocol
class-map match-any AutoQoS-VoIP-RTP-Trust
match access-group name SIP-Media-INBOUND
class-map match-any AutoQoS-VoIP-Control-Trust
match ip dscp cs3
match ip dscp af31
class-map match-any Customer-Voice
match access-group name Customer-VPNs
class-map match-any media
match access-group name SIP-Media
class-map match-any signaling
match access-group name SIP-Signaling
policy-map AutoQoS-Policy-Trust
class AutoQoS-VoIP-RTP-Trust
priority percent 70
class AutoQoS-VoIP-Control-Trust
bandwidth percent 5
class class-default
fair-queue
policy-map queue
class signaling
bandwidth percent 5
class media
priority percent 50
class Customer-Voice
priority percent 40
class class-default
fair-queue
policy-map shape
class class-default
shape average 10000000
service-policy queue
interface Embedded-Service-Engine0/0
no ip address
shutdown
interface GigabitEthernet0/0
description BGP Peer 1
ip address 2.2.2.2 255.255.255.252
no ip redirects
ip flow ingress
ip flow egress
duplex auto
speed auto
service-policy output shape
interface GigabitEthernet0/1
description LAN
ip address 1.2.3.4 255.255.255.0
no ip redirects
ip flow ingress
ip flow egress
standby 255 ip 1.2.3.1
standby 255 priority 105
standby 255 preempt
standby 255 mac-address 1a2b.3c4d.5e6f
standby 255 track 1 decrement 10
duplex auto
speed auto
service-policy output AutoQoS-Policy-Trust
interface FastEthernet0/0/0
description BGP Peer 2
ip address 1.1.1.1 255.255.255.252
ip flow ingress
ip flow egress
duplex full
speed 100
service-policy output shape
interface FastEthernet0/0/1
no ip address
shutdown
duplex auto
speed auto
router bgp 7777
bgp router-id 2.2.2.2
bgp log-neighbor-changes
network 1.2.3.0 mask 255.255.255.0
neighbor 1.1.1.2 remote-as 5555
neighbor 1.1.1.2 update-source FastEthernet0/0/0
neighbor 1.1.1.2 prefix-list L3-DEFGW in
neighbor 1.1.1.2 route-map L3-LPREF-IN in
neighbor 2.2.2.1 remote-as 6666
neighbor 2.2.2.1 ebgp-multihop 2
neighbor 2.2.2.1 update-source GigabitEthernet0/0
neighbor 2.2.2.1 send-community
neighbor 2.2.2.1 prefix-list COLO-DEFGW in
neighbor 2.2.2.1 route-map COLO-LPREF-IN in
neighbor 2.2.2.1 route-map COLO-OUT out
ip forward-protocol nd
ip bgp-community new-format
ip as-path access-list 5 permit _5555_
ip as-path access-list 5 deny .*
ip as-path access-list 10 permit ^6666$
no ip http server
no ip http secure-server
ip flow-top-talkers
top 50
sort-by bytes
ip route 0.0.0.0 0.0.0.0 1.1.1.2 254 name L3
ip route 0.0.0.0 0.0.0.0 2.2.2.1 255 name COLO1
ip route 10.0.0.0 255.0.0.0 10.10.10.10 name FW_OUTSIDE
ip tacacs source-interface GigabitEthernet0/1
ip access-list standard SNMP_SOURCES
permit 12.12.12.0 0.0.0.255
deny any log
ip prefix-list L3-DEFGW seq 5 permit 0.0.0.0/0
ip prefix-list COLO-DEFGW seq 5 permit 0.0.0.0/0
ip prefix-list COLO-LPREF-OUT seq 5 permit 1.2.3.0/24
route-map COLO-LPREF-IN permit 5
match as-path 5
set local-preference 250
route-map COLO-LPREF-IN permit 10
set local-preference 150
route-map COLO-LPREF-IN permit 20
route-map COLO-OUT permit 10
match ip address prefix-list COLO-LPREF-OUT
set as-path prepend 7777 7777 7777
set community 29795:1004
route-map COLO-OUT permit 20
route-map L3-LPREF-IN permit 10
match as-path 10
set local-preference 200
route-map L3-LPREF-IN permit 20
set local-preference 150
snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart
snmp-server enable traps vrrp
snmp-server enable traps flowmon
snmp-server enable traps transceiver all
snmp-server enable traps ds1
snmp-server enable traps call-home message-send-fail server-fail
snmp-server enable traps tty
snmp-server enable traps license
snmp-server enable traps envmon
snmp-server enable traps ethernet cfm cc mep-up mep-down cross-connect loop config
snmp-server enable traps ethernet cfm crosscheck mep-missing mep-unknown service-up
snmp-server enable traps flash insertion removal
snmp-server enable traps mac-notification
snmp-server enable traps aaa_server
snmp-server enable traps cef resource-failure peer-state-change peer-fib-state-change inconsistency
snmp-server enable traps memory bufferpeak
snmp-server enable traps config-copy
snmp-server enable traps config
snmp-server enable traps config-ctid
snmp-server enable traps event-manager
snmp-server enable traps hsrp
snmp-server enable traps cpu threshold
snmp-server enable traps rsvp
snmp-server enable traps syslog
snmp-server enable traps vtp
snmp-server enable traps ipslaWhen you were checking the ARP table was there an entry for Fast0/0/0?
HTH
Rick -
Olsnode does not show VIP address
Why is that i dont see the VIP for one of the node here. Any thoughts...This is GI 11.2.0.1
solb:oracle$ olsnodes -n -t -i
solc 3 solc-vip.xxx.org Pinned
solb 4 <none> Pinned
I get the same output from both the nodes.Hi,
Put here output of :
srvctl config nodeapps
cluvfy comp nodeapp -n <node_list>
cluvfy comp nodecon -n <node_list>
oifcfg getif -globalTo post output of commands above use formatting ({ code}) option of forum described in FAQ (http://forums.oracle.com/forums/help.jspa)
Regards,
Levi Pereira -
CNA 5.5 and show mac address-table
When trying to Monitor/Search for MAC address in C2960 network I got an error reply that a CLI command is not supported. Analyzing network traffic shows that CNA 5.5 is issueing 'show mac-address-table' command but the latest Cisco IOS Software, C2960 Software (C2960-LANBASEK9-M), Version 12.2(55)SE does not support 'show mac-address-table' anymore but does support 'show mac address-table' command. How can I change the command for showing mac address tables in CNA 5.5?
M.hi john,
the show mac-address-table command should be valid.
check if you've got MAC learning enabled on the ASA interface using show mac-learn command.
edit: could you post show firewall? the above command works on transparent firewall only. -
Address book of my mac does not show all my contacts in iphone. What do i do??
Address book of my mac does not show all my contacts in iphone. What do i do??
iCloud, which replaced MobileMe, requires OS X Lion (10.7.5) or higher. You will need to upgrade to OS X Lion higher in order to set up iCloud on your Mac. First check to see if your system meets the system requirements to upgrade.
Lion system requirements are:
Mac computer with an Intel Core 2 Duo, Core i3, Core i5, Core i7, or Xeon processor
2GB of memory
OS X v10.6.6 or later (v10.6.8 recommended)
7GB of available space
Mountain Lion and Mavericks requirements are the same, as listed here: http://support.apple.com/kb/HT5842.
If you can run Mavericks, you can download a free upgrade from the Mac App Store. If your system can only run Lion, you can go here to purchase a redemption code to download it from the Mac App Store. If you prefer Mountain Lion for software compatibility reasons, you can go here to purchase a redemption code to download it from the Mac App Store.
After upgrading, you will find iCloud in System Preferences>iCloud on your Mac, and can set it up as explained here: http://www.apple.com/icloud/setup/mac.html.
Before upgrading, you may want to check the compatibility of your existing applications by checking here: http://roaringapps.com/apps:table. Also be aware that older PPC programs such as AppleWorks and Office 2004 for Mac will not run on OS X Lion or higher. -
Face Time for mac does not show contacts window or allow me to sign in
My Facetime for Mac launches but does not show me my Contacts sidebar or allow me to 'Sign In'. Preferences is grayed out as well.
It works under a new user account (System Preferences > Accounts). I added a contact into the blank address book to test it out. I'm troubleshooting it right now to get it to work under my account, I think it has something to do with not fully accessing the keychain.
The tell-tell sign for me is when I launch FaceTime for Mac the preview window does not show immediately. I have to click on the app a second time for the window to appear. This does not happen under the new account
I have already:
- Restarted
- Removed preferences and Caches
- Re-installed Face Time
- Repaired and reset keychains
- Signed in under a different MobileMe account in System Preferences
Any other suggestions
Message was edited by: helps
Message was edited by: helpsSOLVED !!
After many, many more steps and close to total ruin of my MobileMe sync structure, I have the found the hidden files to remove that solved my problem.
~/Library/Preferences/.GlobalPreferences.plist
~/Library/Preferences/.GlobalPreferences.plist temp
~/Library/Preferences/.GlobalPreferences.plist .6Va7JFn [+these letters may be than different yours+]
Logged out, then back in again
When I launched Facetime it worked exactly as it does on my test user account.
here are the terminal commands to try for your solution
cd ~/Library/Preferences/
ls -A [+To get the letters for the third file+]
rm ~/Library/Preferences/.GlobalPreferences.plist
rm ~/Library/Preferences/.GlobalPreferences.plist\ temp
rm ~/Library/Preferences/.GlobalPreferences.plist\ .[+your letters+]
Please Post any problems you run into or if it doesn't work.
Message was edited by: helps -
Mac mini does not show any external hard rives! How to fix?
Hello,
My problem ist that my mac mini, i bougt in early 2010, does not show me any external harddrives. I had paragon instaled, after the trail version was untdatet my mac did not show any external hardrives.
Do you know how to hel ?
As i found out lately the harddrives i had plugt in to the mac are even not shown on other macs.I don't know what you mean by "doing new concessions on DHCP"!!??? Have you tried using a static IP address to see if it works that way? Have you restricted the range of DHCP addresses available at your router? If you have maybe the other computers have used up the available range. Suggest you try a static IP address first, then we'll take it from there.
-
I have an apple iphone 4 that I want to download audio books from my library onto. I cannot figure out how to do that. The iphone does not show up on my mac laptop as a connected device. Does this kind of download have to run through itunes? Thanks
Yes it is done through iTunes. The iPhone will never show up in Finder as a device. The following is general information on iTunes sync: http://support.apple.com/kb/HT1386 and the following is a previous discussion where the post by Andreas Junge helped others that had a problem syncing audiobooks: https://discussions.apple.com/message/20052732#20052732
-
How do i repair or recover data from a corrupt USB external hard drive that does not show up on my Mac desktop or disk utility?
Last night i was using my external hard drive, for some reason the folder just closed and i couldn't find it on my desktop.
After googling solutions, i found it in the disk utilities, i clicked on the 'repair' button many times, but it said the 'error...' message.
So i ejected it to try again, now when i connect the USB external hard drive it doesn't show up on my desktop or disk utilities.
I really just want to either repair or recover the data on it because it literally has everything (documents, work files, photos etc) on it,
I downloaded an application to recover my files but it needs the USB to at least show up.recognise it which mine doesn't.
I know i should've backed it up on another USB, this definitely teaches me for next time to back up all my files.
Are the files lost forever or can i recover them by going to a shop or using a software?Thank you for responding.
This might sound stupid since i'm not really knowledgeable with Macs,
but since all my files were moved from my mac computer to the external hard drive,
is it possible to recover those files through my Mac - like recovering deleted files? -
I'm also having a music issue. When my phone is attached to the computer (mac running 10.6.8) it looks like my music is there but its gray and I can't play anything. I've tried to delete it and it won't let me but it does not show up on my phone.
By the way, I have tried shutting of the display switching in the power settings. That was basically the only real answer I found anywhere. It didn't work.
Maybe you are looking for
-
Batch Management - Message no. M7018 "Enter Batch"
Team We activated batch management for one of the materials and when we perform GR for PO , system expecting us to enter the Batch number, instead of system generating new batch with the error "Message no. M7018". We have the below setting for "defin
-
Iweb not finding Mobile-me albums
I have uploaded 3 albums using Aperture to my mobile-me gallery. Trouble is when i goto Insert in iweb down to Mobile-me gallery only one is there. How do i tell iweb to update itself and find the other two photo albums i have online.
-
JDI : DTR / CBS - Moving components from one scenario to another.
Hi all, I have a series of Development Components that fall under the scenario 2 description of the DTR / CBS scenarios. I am trying to move our projects into a scenario 2+, and have created the CONS and DEV projects in our SLD. I moved the developme
-
Display Service Pack and OS Name/Version in Flex Label
Hi, I want to show my current system Operating system name (XP Pro, Vista, Linux..etc) along with the Service Pack level of my system on which my application is running. I am able to show uo OS name "Windows XP" using "Capabalities.os" in Flex4.
-
Administrative vs Operational responsibilities
<p> Hello, </p> <p> I have been working my way through the WebLogic Administrators course material. This is a course I have delivered a number of times in the past but this time I am compiling a list of questions for each module. </p> <p> In module 2