Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Firewall Wizards: Re: Cisco FWSM failover secondary power failure - message 405001

Re: Cisco FWSM failover secondary power failure - message 405001

From: greg padden <paddeng_at_biostat.wisc.edu>
Date: Sun, 19 Feb 2006 14:20:45 -0600

The message Received ARP request collision from is a red herring. What
it means is that the FWSM saw that the same MAC address responded to
multiple ARP replies. This is normal when you have a host that has
multiple IP addresses on the same ethernet card.

I spent several hours looking at this to a FWSM problem.

Good luck.
BT wrote:

>Hello,
>
>we have installed two 6513 Cisco Core switch with every switch one FWSM
>in a LAN based failover configuration. The first days the system worked
>fine but now there seems to be a power problem with the secondary. It
>rebooted multiple times without a transparent reason.
>During the reboots we saw also a traffic interuption of about 10
>minutes, even though the first system seems to work fine. The secondary
>FWSM will be exchanged the next days, but now we are searching the
>reason for the interuptions. The interuptions happened multiple times on
>one evening. In the log file we see every time the secondary boots this
>message:
>
>Feb 8 21:06:08 w.x.y.z Feb 08 2006 21:06:08 FWSM-1 :
>
>
>>%FWSM-4-405001: Received ARP request collision from
>>w.x.y.z/0013.c429.ab54 on interface inside
>>
>>
>
>In older logfiles we don't see this message.
>
>Does anyone know, if this is normal, that this message is send when the
>secondary is rebooting? Can it be, that the defective secondary modul
>sends packets (e.g. doubled IP-addresses), which disturb the MAC tables
>of the switch, so that this interrupts the traffic?
>
>Someone who has seen this before? Thanks for every hint ...
>Regards,
>Bernhard
>
>John Madden wrote:
>
>
>>Hi,
>>
>>Is there a way to NOT permit users from the inside to
>>connect to a proxy server on the outside and bypassing
>>the Web filtering software ?
>>
>>Thank you
>>
>>__________________________________________________
>>Do You Yahoo!?
>>Tired of spam? Yahoo! Mail has the best spam protection around
>>http://mail.yahoo.com
>>_______________________________________________
>>firewall-wizards mailing list
>>firewall-wizards_at_honor.icsalabs.com
>>http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
>>
>>
>_______________________________________________
>firewall-wizards mailing list
>firewall-wizards_at_honor.icsalabs.com
>http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
>
>

_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Feb 20 2006

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos