Peer device's ARP table does not update, so the internal network cannot access the public network after NAT translation

Publication Date: 2012-09-14
Issue Description
Topology:
Public network --- USG5320 --- internal network core switch --- internal network work group segment
At one site, the internal network work group segment could not ping the public network after a new USG5320 replaced the former USG5320. The two devices are identical, and there is no other problem.
Alarm Information
NULL
Handling Process
Solution: configure “nat arp-a send” on the external public interface.
After this configuration, the ARP table is updated, and the internal network segment can ping the public network without delay.
Root Cause
Analysis shows that the external NAT address pool is not the actual public network interface IP address of the USG5320. The two USG5320 devices have different MAC addresses, so the ARP mapping for the pool addresses changed when the device was replaced. The other side cannot update its ARP table because that device is in the carrier's network. As a result, the internal network cannot access the public network after NAT translation.
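
One way to confirm this root cause after a hardware swap, as an added example that is not part of the original case: the Python script below reads ARP table text from the peer device and flags NAT pool addresses still mapped to a MAC other than the new firewall's. The sample table, addresses, MACs and function names are constructed for illustration, and it assumes the ARP output can be obtained from the peer device or the carrier.

```python
import ipaddress
import re

# Constructed sample: ARP table text from the peer (upstream) device.
# All addresses and MACs are made up (documentation range 203.0.113.0/24).
SAMPLE_ARP_TABLE = """\
203.0.113.1    0050-56c0-0001     GE0/0/1
203.0.113.2    00E0.FC11.2233     GE0/0/1
203.0.113.10   00:e0:fc:aa:bb:cc  GE0/0/1
203.0.113.11   00e0-fcaa-bbcc     GE0/0/1
203.0.113.12   00e0-fc11-2233     GE0/0/1
203.0.113.50   0050-56c0-0008     GE0/0/2
"""

# Accepts aa:bb:cc:dd:ee:ff, aa-bb-cc-dd-ee-ff, aabb-ccdd-eeff and aabb.ccdd.eeff
MAC_RE = re.compile(
    r"(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2}"
    r"|(?:[0-9A-Fa-f]{4}[.-]){2}[0-9A-Fa-f]{4}")

def normalize_mac(mac):
    """Reduce any of the accepted MAC notations to 12 lowercase hex digits."""
    return re.sub(r"[^0-9A-Fa-f]", "", mac).lower()

def parse_arp_table(text):
    """Return [(IPv4Address, mac)] for each line holding an IPv4 address and a MAC."""
    entries = []
    for line in text.splitlines():
        ip = mac = None
        for token in line.split():
            if MAC_RE.fullmatch(token):
                mac = normalize_mac(token)
            elif ip is None:
                try:
                    ip = ipaddress.IPv4Address(token)
                except ValueError:
                    pass  # interface name or other column
        if ip is not None and mac is not None:
            entries.append((ip, mac))
    return entries

def stale_pool_entries(arp_text, pool_first, pool_last, new_fw_mac):
    """Return [(ip, mac)] for pool addresses the peer still maps to another MAC."""
    first = ipaddress.IPv4Address(pool_first)
    last = ipaddress.IPv4Address(pool_last)
    expected = normalize_mac(new_fw_mac)
    return [(str(ip), mac) for ip, mac in parse_arp_table(arp_text)
            if first <= ip <= last and mac != expected]
```

Any address this returns is one the peer will keep forwarding to the replaced device's MAC until its ARP entry ages out or is refreshed.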
Suggestions
If the customer has no particular requirement, it is better to keep the NAT address pool identical to the external interface IP address.
