cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
ss_daveh
New Contributor III

Configuring Proxy Arp on Netvanta 3448

Jump to solution

I am setting up a network with the Netvanta 3448 as the edge device then firewall using a public IP on the same subnet. I want to proxy arp an available IP to the firewall. The config below is what I am using and I can see the firewall show up on the arp table and when I debug arp I can see the arp requests being proxied in the CLI. I can ping the firewall from the CLI however it does not get internet. eth 0/2 is what I am using for the firewall port and the firewall is using the .210 IP address

vlan 1

  name "Default"

!

vlan 10

  name "Vlan Voice"

!

!

!

!

no ethernet cfm

!

interface eth 0/1

  description WAN Uplink

  ip address  x.x.x.211 255.255.255.240

  ip packet-capture 1CAPTURE

  ip mtu 1500

  ip access-policy Public

  media-gateway ip primary

  no awcp

  no shutdown

!

!

interface eth 0/2

  description Proxy Arp

  ip address  20.20.20.1  255.255.255.0

  ip mtu 1500

  no awcp

  no shutdown

Any assistance that you can provide is greatly appreciated. Also, I am new to the support community so please let me know if I need to provide further information to assist with this.

Thanks

Labels (2)
0 Kudos
1 Solution

Accepted Solutions
Anonymous
Not applicable

Re: Configuring Proxy Arp on Netvanta 3448

Jump to solution

I found the best way to accomplish what you are trying to do is to use bridging.  The nice thing about bridging is you can connect your bridge group to a VLAN and then have multiple ports available on the same subnet.

Here's a basic config.

bridge irb

bridge 1 protocol ieee

!

interface eth 0/1

  description Broadband Highspeed Ethernet Connection to Public Net

  bridge-group 1

  no ip address

  qos-policy out Upload_SIDE

  no shutdown

!

interface eth 0/2

  description Ethernet to Public Subnet

  bridge-group 1

  no ip address

  qos-policy out Download_SIDE

  no shutdown

!

interface vlan 10

  description VLAN to connect switch ports to Public subnet

  qos-policy out Download_SIDE

  bridge-group 1

  no ip address

  no shutdown

!

interface switchport 0/1

  description TO FIREWALL

  no shutdown

  switchport access vlan 10

!

interface switchport 0/2

  description TO PUBLIC SERVER #1

  no shutdown

  switchport access vlan 10

!

interface switchport 0/3

  description TO PUBLIC SERVER #2

  no shutdown

  switchport access vlan 10

!

interface bvi 1

  mac-address 00:00:00:00:57:18

  ip address x.x.x.2 255.255.255.224 (PUBLIC WAN IP for 3448)

  ip mtu 1500

  no shutdown

!

ip route 0.0.0.0 0.0.0.0 x.x.x.1

I hope this helps.  Here is the Adtran doc on bridging as well. 

View solution in original post

0 Kudos
1 Reply
Anonymous
Not applicable

Re: Configuring Proxy Arp on Netvanta 3448

Jump to solution

I found the best way to accomplish what you are trying to do is to use bridging.  The nice thing about bridging is you can connect your bridge group to a VLAN and then have multiple ports available on the same subnet.

Here's a basic config.

bridge irb

bridge 1 protocol ieee

!

interface eth 0/1

  description Broadband Highspeed Ethernet Connection to Public Net

  bridge-group 1

  no ip address

  qos-policy out Upload_SIDE

  no shutdown

!

interface eth 0/2

  description Ethernet to Public Subnet

  bridge-group 1

  no ip address

  qos-policy out Download_SIDE

  no shutdown

!

interface vlan 10

  description VLAN to connect switch ports to Public subnet

  qos-policy out Download_SIDE

  bridge-group 1

  no ip address

  no shutdown

!

interface switchport 0/1

  description TO FIREWALL

  no shutdown

  switchport access vlan 10

!

interface switchport 0/2

  description TO PUBLIC SERVER #1

  no shutdown

  switchport access vlan 10

!

interface switchport 0/3

  description TO PUBLIC SERVER #2

  no shutdown

  switchport access vlan 10

!

interface bvi 1

  mac-address 00:00:00:00:57:18

  ip address x.x.x.2 255.255.255.224 (PUBLIC WAN IP for 3448)

  ip mtu 1500

  no shutdown

!

ip route 0.0.0.0 0.0.0.0 x.x.x.1

I hope this helps.  Here is the Adtran doc on bridging as well. 

0 Kudos