After an upgrade to version 10.2.3 h4 I got this message: 2023/03/08 20:52:23 info     general        general 0  Received conflicting ARP on interf

L1 Bithead

After an upgrade to version 10.2.3 h4 I got this message:

 

2023/03/08 20:52:23 info     general        general 0  Received conflicting ARP on interface ethernet1/4 indicating duplicate IP 172.16.0.1, sender mac 00:50:56:92:cd:0c

 

And this address is for the other peer.

 

The firewall is a VM300

6 REPLIES

Cyber Elite

In a VMware environment you can't have 2 VMs with the same MAC address.

For that reason virtual Palos in an HA cluster have different MAC addresses.

Virtual Palos can have the same MAC only if the VMware port group is configured in promiscuous mode, and this is very bad practice.

But to receive a conflicting IP address alert, both of your firewalls must be active at the same time.

Do you have active/passive HA?

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011

Yes, the two firewalls are in HA.

Address and MAC for the other peer.

Cyber Elite

Are firewalls in active/active or active/passive HA?

If you enable the MAC column on both firewalls, do the MAC addresses match on both of them or are they different?


 

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011

HA is in active/passive.

 

You will find below the configuration of the interfaces as well as the message on the two firewalls:

========================================================

FW1 

> show interface all

total configured hardware interfaces: 9

name id speed/duplex/state mac address
--------------------------------------------------------------------------------
ethernet1/1 16 ukn/ukn/down(power-down) 00:50:56:92:82:af
ethernet1/2 17 10000/full/up 00:50:56:92:7e:bc
ethernet1/3 18 10000/full/up 00:50:56:92:20:2f
ethernet1/4 19 10000/full/up 00:50:56:92:cd:0c
ethernet1/5 20 10000/full/up 00:50:56:92:f7:49
ethernet1/6 21 10000/full/up 00:50:56:92:2f:36
ethernet1/7 22 10000/full/up 00:50:56:92:ae:b6
ethernet1/8 23 10000/full/up 00:50:56:92:77:3a
ethernet1/9 24 ukn/ukn/down(autoneg) 00:50:56:92:5e:a5

aggregation groups: 0


total configured logical interfaces: 9

name id vsys zone forwarding tag address
------------------- ----- ---- ---------------- ------------------------ ------ ------------------
ethernet1/1 16 1 tap 0 N/A
ethernet1/2 17 1 ha 0 192.168.1.67/24
ethernet1/3 18 1 ha 0 192.168.2.67/24
ethernet1/4 19 1 GUEST_LAN vr:DMZ_WIFI_ROUTEUR 0 172.16.0.1/21
ethernet1/5 20 1 DMZ_INTERNET vr:DMZ_WIFI_ROUTEUR 0 90.83.58.124/25
ethernet1/6 21 1 VRF_GUEST vr:DMZ_WIFI_ROUTEUR 0 10.109.32.250/32
ethernet1/7 22 1 DMZ_SORTANTES vr:DMZ_WIFI_ROUTEUR 0 192.168.215.47/24
ethernet1/8 23 1 GUEST_LAN vr:DMZ_WIFI_ROUTEUR 0 172.16.8.1/22
ethernet1/9 24 1 tap 0 N/A

 

Error message :

 

============================================

2023/03/08 20:52:01 info general general 0 Received conflicting ARP on interface ethernet1/4 indicating duplicate IP 172.16.0.1, sender mac 00:50:56:a5:bc:3b

==========================================

 

FW2 

 

=================================================

> show interface all

total configured hardware interfaces: 9

name id speed/duplex/state mac address
--------------------------------------------------------------------------------
ethernet1/1 16 ukn/ukn/down(power-down) 00:50:56:a5:9b:91
ethernet1/2 17 10000/full/up 00:50:56:a5:79:47
ethernet1/3 18 10000/full/up 00:50:56:a5:b1:ca
ethernet1/4 19 10000/full/up 00:50:56:a5:bc:3b
ethernet1/5 20 10000/full/up 00:50:56:a5:0d:e4
ethernet1/6 21 10000/full/up 00:50:56:a5:51:9b
ethernet1/7 22 10000/full/up 00:50:56:a5:5c:c5
ethernet1/8 23 10000/full/up 00:50:56:a5:63:9a
ethernet1/9 24 ukn/ukn/down(autoneg) 00:50:56:a5:de:f0

aggregation groups: 0


total configured logical interfaces: 9

name id vsys zone forwarding tag address
------------------- ----- ---- ---------------- ------------------------ ------ ------------------
ethernet1/1 16 1 tap 0 N/A
ethernet1/2 17 1 ha 0 192.168.1.68/24
ethernet1/3 18 1 ha 0 192.168.2.68/24
ethernet1/4 19 1 GUEST_LAN vr:DMZ_WIFI_ROUTEUR 0 172.16.0.1/21
ethernet1/5 20 1 DMZ_INTERNET vr:DMZ_WIFI_ROUTEUR 0 90.83.58.124/25
ethernet1/6 21 1 VRF_GUEST vr:DMZ_WIFI_ROUTEUR 0 10.109.32.250/32
ethernet1/7 22 1 DMZ_SORTANTES vr:DMZ_WIFI_ROUTEUR 0 192.168.215.47/24
ethernet1/8 23 1 GUEST_LAN vr:DMZ_WIFI_ROUTEUR 0 172.16.8.1/22
ethernet1/9 24 1 tap 0 N/A

 

===========================================

 

Error message 

 

========================================

2023/03/08 20:52:23 info general general 0 Received conflicting ARP on interface ethernet1/4 indicating duplicate IP 172.16.0.1, sender mac 00:50:56:92:cd:0c

 

======================================================================

 

Thank you 
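
Added example, not part of the original posts: a short Python check that cross-references the sender MAC in each "Received conflicting ARP" log line against the hardware MAC rows of `show interface all` from both peers, to tell whether the conflicting sender is the HA peer or some third device. The function names and verdict labels are hypothetical, and the sample data is constructed from the outputs posted above.

```python
import re

# Constructed sample: the ethernet1/4 hardware rows and log lines are copied
# from the outputs posted above; OTHER_LOG uses a made-up MAC for contrast.
FW1_IFACES = "ethernet1/4 19 10000/full/up 00:50:56:92:cd:0c\n"
FW2_IFACES = "ethernet1/4 19 10000/full/up 00:50:56:a5:bc:3b\n"
FW1_LOG = ("2023/03/08 20:52:01 info general general 0 Received conflicting ARP "
           "on interface ethernet1/4 indicating duplicate IP 172.16.0.1, "
           "sender mac 00:50:56:a5:bc:3b")
FW2_LOG = ("2023/03/08 20:52:23 info general general 0 Received conflicting ARP "
           "on interface ethernet1/4 indicating duplicate IP 172.16.0.1, "
           "sender mac 00:50:56:92:cd:0c")
OTHER_LOG = FW1_LOG.replace("00:50:56:a5:bc:3b", "00:11:22:33:44:55")

MAC = r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}"
# Hardware table row: name, id, speed/duplex/state, MAC. Logical rows lack a MAC.
HW_ROW = re.compile(rf"^(ethernet\d+/\d+)\s+\d+\s+\S+\s+({MAC})\s*$", re.I | re.M)
ARP_LOG = re.compile(
    rf"Received conflicting ARP on interface (\S+) indicating duplicate IP "
    rf"([\d.]+), sender mac ({MAC})", re.I)

def hw_macs(show_interface_all):
    """Map interface name -> MAC from the hardware section of the CLI output."""
    return {name: mac.lower() for name, mac in HW_ROW.findall(show_interface_all)}

def classify(log_text, local_ifaces, peer_ifaces):
    """Label each ARP-conflict log entry by who owns the sender MAC."""
    local, peer = hw_macs(local_ifaces), hw_macs(peer_ifaces)
    findings = []
    for iface, ip, mac in ARP_LOG.findall(log_text):
        mac = mac.lower()
        if mac in peer.values():
            # The HA peer is answering ARP for the shared IP, which matches the
            # reply's point that both firewalls are active at the same time.
            verdict = "ha-peer"
        elif mac in local.values():
            verdict = "self"
        else:
            # Not an HA member: look for another host using the address.
            verdict = "unknown-host"
        findings.append((iface, ip, mac, verdict))
    return findings

if __name__ == "__main__":
    for row in classify(FW1_LOG, FW1_IFACES, FW2_IFACES):
        print(row)
```
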

Cyber Elite

Did you get the ARP conflict once during the upgrade, or are you continuously getting those alerts?

Enterprise Architect, Security @ Cloud Carib Ltd
Palo Alto Networks certified from 2011

L1 Bithead

We still have the error message. I turned off one of the firewalls so as not to impact production.
