Cisco ASA, ESX/vSphere, and Duplicate IP’s


Windows (2003/2008/R2) and/or Linux VM’s added to a VLAN and continuously report duplicate IP’s and Windows assign themselves APIPA (Private Address).


  1. (Windows) 169.254.x.x Address shows up as (Preferred) when running ipconfig /all in command prompt
  2. Resetting Adapter pops up Duplicate IP Error.
  3. Changing VM Network to a dummy network and vm nic reset, causes issue to go away.
  4. Changing VM Network back to problem network clears issue until vm is reset or nic is reset.


Assuming the Cisco ASA is the cause, you can follow the below steps to rectify the issue:

  1. Login to the Security Appliance ASDM
  2. Select Device Setup
  3. Expand Routing
  4. Select Proxy ARP
  5. Disable Proxy arp on the related interface (usually associated w/ your VLAN)
    • Other command line method:
      • sysopt noproxyarp <interface name>

If Windows is the issue for some reason, you can do this:

  1. Start –> Run… –> Regedit
  2. Find this key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
  3. Insert a new DWORD value
  4. Name the DWORD value “ArpRetryCount”
  5. Change the value for the new entry to 0 if not already set that way.
  6. Disable and Re-enable your network adapter to see if problem goes away.


ryan said…

Looks like a straight forward identity map issue on the ASA. Here's an explanation from Cisco around this behavior and the differences in software:
Anonymous said…
Thank you very much!
Anonymous said…
Thank you! Still saving the day in 2015!!
Anonymous said…
Still saving the day in 2019!!
Anonymous said…
Thank you! Still saving the day in 2022!!

Popular posts from this blog

NSX-T: vCenter and NSX-T Inventory out of Sync (Hosts in vSphere not showing up in NSX-T)

MacOS: AnyConnect VPN client was unable to successfully verify the IP forwarding table modifications.

Azure VMware Solution: NSX-T Active/Active T0 Edges...but