This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ARP CACHE POISONING

ARP CACHE POISONING

Aviv_Kedem
Contributor

‎12-09-2017 03:39 PM

Hello Community,

I use ip mac conflict log only. AP75XX/AP65XX. WING 5.8.6+/5.9+.
Recently, in several deployments I saw a lot of this type of logs messages:

...%DATAPLANE-4-ARPPOISON: ARP CACHE POISONING: Conflicting snoop entry found :Ethernet Src Mac: ....., Ethernet Dst Mac: FF-FF-FF-FF-FF-FF, ARP Src Mac: ...., ARP Dst Mac: 00-00-00-00-00-00, ARP Src IP: ...., ARP Target IP: ...., Snoop Table MAC = ...., Snoop Table IP = ....

It seems the router is flooding some different info about mac adress table info with AP.
Can it cause any network issues ?

Thanks,

Aviv Kedem
0 Kudos
13 REPLIES 13

Ondrej_Lepa
Extreme Employee
In response to Ondrej_Lepa

‎12-11-2017 10:11 AM

Well, if you see those hits it mean that internal firewall detected those and took action.
I would not say this is something you'll fix on the AP.

Regards,
Ondrej

0 Kudos

Aviv_Kedem
Contributor
In response to Ondrej_Lepa

‎12-11-2017 10:11 AM

Hello Ondrej,

We do not have IP conflict but still have a lot of these messages.
It seems that router is fluding different L2 data .

Any ideas?

Thanks,

Aviv
0 Kudos

JESUS_REYES_DIA
New Contributor

‎12-09-2017 07:14 PM

At this moment i dont have de document, but can you find a best practice firewall for wingx .
0 Kudos

Aviv_Kedem
Contributor
In response to JESUS_REYES_DIA

‎12-09-2017 07:14 PM

Hello Jesus,
I would be happy to receive an answer for the question I asked.
It's not about best practice.

Regards,

Aviv
0 Kudos
GTM-P2G8KFN