Excellent suggestion @Roby_Sreejith!
In my previous posts it's clear that I did not modify the Dynamic NAT policy to use eth1/13 instead of eth1/1.
However, I was trying to ping 126.96.36.199 from the Palo Alto CLI using the AAA.BBB.CCC.34/28 and AAA.BBB.CCC.37 IP addresses, which, I suspect, do not get translated using NAT.
Hope my assumptions are right but happy to be wrong and learn something new (-:
I'll be switching over again today around 12:15 CST so I'll be sure to try your and other suggestions, like clearing ARP tables, capturing packets and filtering ARP traffic, etc.
Thank you again!
Agree with Roby.
Please confirm Cisco port MAC address and that you actually can see it in your arp table:
> show arp ethernet1/13
Also, when pinging 188.8.131.52 try to source the ping from the fibre interface (ethernet1/13)
> ping source (fibre interface IP) host 184.108.40.206
Thanks again @TranceforLife. I can confirm that during the switch to fiber on ethernet1/13 I ran pings from the PA's eth1/13 interface like so:
> ping source AAA.BBB.CCC.34 host 220.127.116.11
I will confirm the MAC address tied to the current interface (Cisco) connected to eth1/1.
Thank you to everyone for the big assist this morning.
Thank you to everyone for your suggestions.
Wanted to let you know the conversion from copper to fiber was a success over lunch today
The solution was I had to issue gratuitous ARPs from a few IPs in my address block - this quickly solved everything.
Cheers to everyone!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!