I'm having an odd ARP issue in my DMZ. It has a win2k3 and a winnt server, each behind the firewall, in the same subnet, on a Cisco Catalyst switch. The Win2k3 server needs to access the WINNT server for certain web functions. For the most part it works, but sometimes it fails.

When it's failing, I go to each server to ping the other, and of course the packets time out. Well, if I do an ARP -a command on each server, I notice that the same MAC address is bound to each of the servers' IP addresses in the MAC table. That MAC address happens to be the NIC of the firewall (both servers are on the same side of the firewall, so no traffic should be flowing through it when the two need to talk to each other). Now, if I clear the ARP tables in each, and put a static entry with the correct MAC addresses, everything works fine.

So, what could be causing this? I'm fairly sure there is no duplicate IP in use on the other side of the firewall. Is there a Windows-based ARP utility that would send a request for one of the IPs, and show each device that responds with "hey, that's me"? What other troubleshooting steps might I employ?

Thanks