The display deception arp-proxy command displays ARP proxy information recorded by the DecoySensor.
The DecoySensor cannot scan its own interface IP addresses or the IP network segment for which the DecoySensor serves as the ARP proxy. The ARP proxy cache on the device management plane provides the ARP proxy information to the DecoySensor. The DecoySensor records the ARP proxy information and then updates the list of online IP addresses.
If the ARP proxy information is not synchronized to the list of online IP addresses, the DecoySensor considers the IP addresses offline. As a result, the DecoySensor may deceive the traffic destined for these IP addresses. To prevent such a situation, you can run the reset deception arp-proxy command to update the ARP proxy table and synchronize it to the list of online IP addresses.
# Display the ARP proxy information recorded by the DecoySensor.
<FW> display deception arp-proxy -------------------------------------------------------------------------------- Current total number = 1 -------------------------------------------------------------------------------- ip-address vlan vpn-instance 1.1.1.1 0 default --------------------------------------------------------------------------------
Item |
Description |
|---|---|
ip-address |
IP address of an interface on the DecoySensor or the IP address for which the DecoySensor serves as the ARP proxy |
vlan |
VLAN to which the IP address belongs |
vpn-instance |
VPN instance of the IP address |