Hello,
I'm experiencing some interesting behaviour that I don't quite understand. It seems the UTM will reply to some ARP requests but not all. This is all on the same subnet.
Problem: Access Points are constantly sending out ARP requests for their gateway (192.168.23.254) and never receiving replies.
Device: Sophos SG105w UTM
Firmware: 9.509-3
Topology:
Note: This is a simplified version of the network -- there are actually 5 access points and a few more devices, but I think this is enough to outline the issue.
Scenario: The workstation can ARP for the gateway and receive a reply. The Unifi Access point, however, never does. They are both on the same Subnet.
I ran Wireshark to compare the two ARPs.
Workstation (CentOS 7.4) ARP: Frame 1117: 42 bytes on wire (336 bits), 42 bytes captured (336 bits) on interface 0
Ubiquiti ARP: Frame 1064: 62 bytes on wire (496 bits), 62 bytes captured (496 bits) on interface 0
The Ubiquiti ARP is bigger, with the following fields showing as different in Wireshark:
[Protocols in frame: eth:arp:vssmonitoring]
Padding: 000000000000000000000000000000000000
I have absolutely no idea what the vssmonitoring protocol is -- there are no VSS products in our network.
The other devices on the subnet DO reply to the Ubiquiti ARP requests -- it just seems the UTM never does.
Note: The network is functioning as expected. Wireless clients can connect and browse the internet etc. as normal.
There are these constant ARP Broadcasts on the subnet from every AP.
Anybody have some ideas?
This thread was automatically locked due to age.
