topic Fwsm not forwarding traffic in Network Security

Fwsm not forwarding traffic

Sithembiso Nhlozi — Tue, 12 Mar 2019 06:03:14 GMT

I have a firewall service module in a 6500. Lately traffic from lower interfaces within the LAN is not forwarded to higher interface. Created a capture and I can see traffic on the ingress interface and its not forwarded on the egress interface.

I have no nat control enabled on the firewall. I don't have a nat exempt for traffic that is not an outside connection.

configs have been working and now this issue started.

I have created static nat to solve the issue as a temporal mesure. I would like to find a permanent solution for this, please share some ideas.

Hi,I think as you were able

Vibhor Amrodia — Fri, 05 Jun 2015 08:45:14 GMT

Hi,

I think as you were able to see the traffic incoming and not going out from the FWSM , I think first steps should be to check the debugging syslog on the FWSM and see the reason for the packet to be dropped.

Also , to verify , can you post the NAT configuration and the requirement with IP Addresses ?

Thanks and Regards,

Vibhor Amrodia

Hi Vibhor, I always had the

Sithembiso Nhlozi — Mon, 08 Jun 2015 19:13:40 GMT

Hi Vibhor,

I always had the command below allowing all connections to pass without natting

FWSM/contcorp# sh run all | i no nat
no nat-control

Now I have to create static nat to allow traffic as below

static (inside,finance) 172.28.16.27 172.28.16.27 netmask 255.255.255.255 tcp 2000 0

Some of the connections are not passed though the firewaal even if I exempt it from nat.

This is the problem I'm facing lateley on the FWSM Firewall Version 4.1. Haven't found any documantation with this issue and solution