SNCF — Securing Networks with Firepower — Question 218
A network administrator is deploying a new Cisco Secure Firewall Threat Defense (FTD) firewall. After Cisco Secure FTD is deployed, inside clients have intermittent connectivity to each other. When reviewing the packet capture on the Secure FTD firewall, the administrator sees that Secure FTD is responding to all the ARP requests on the inside network. Which action must the network administrator take to resolve the issue?
Answer options
- A. Review the access policy and verify that ARP is allowed from inside to inside.
- B. Review NAT policy and disable incorrect proxy ARP configuration.
- C. Convert the FTD to transparent mode to allow ARP requests.
- D. Hardcode the MAC address of the FTD to IP mapping on client machines.
Correct answer: B
Explanation
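The correct answer is B. A firewall that replies to every ARP request on the inside network is performing proxy ARP, and on Secure FTD proxy ARP is driven by NAT rules: the firewall answers ARP for the mapped addresses in a NAT rule, so an incorrect rule makes it reply on behalf of inside hosts. Clients then intermittently resolve each other's IP addresses to the firewall's MAC address, which explains the intermittent connectivity. Disabling the incorrect proxy ARP configuration in the NAT policy ensures that ARP requests are handled correctly, allowing for proper communication between clients. The other options either do not address the root cause of the issue (A and C) or suggest a cumbersome solution (D) that is not necessary in this scenario.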