https://community.cisco.com/t5/network-security/fwsm-context-admin-down-interface-has-traffic-stats/m-p/1529656#M657809 <HTML><HEAD></HEAD><BODY><P>Thanks for the info. It does sound like that could be the issue</P><P></P><P>Mel</P></BODY></HTML> Wed, 29 Sep 2010 19:09:05 GMT Mel Popple 2010-09-29T19:09:05Z https://community.cisco.com/t5/network-security/fwsm-context-admin-down-interface-has-traffic-stats/m-p/1529654#M657741 <P>Hi,</P><P></P><P>I have noticed that one of my firewall contexts interfaces shows input and output packets even though the interface was in the admin shutdown state during reboot.</P><P></P><P>Interface Vlan111 "DMZ-NET", is administratively down, line protocol is down<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Description: Interface routing to DMZ-NET (Also used for Context Management)<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; MAC address 0021.55be.8100, MTU 1500<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; IP address 192.168.4.254, subnet mask 255.255.255.0<BR />&nbsp; Traffic Statistics for "DMZ-NET":<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 45377 packets input, 3779957 bytes<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 1130 packets output, 79010 bytes<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 1999 packets dropped</P><P></P><P>The FWSM is running v3.1(7) and is a failover pair (The standby also has traffic stats). Do I have to admin shut the interface in the system context to properly close the interface during boot? Is there something in the way that the FWSM loads its system context configuration first and then loads the individual contexts later that means the interface could be live for a few seconds?</P><P></P><P>This issue became apparent after reloading the FWSM during some failover testing prior to deploying it on the network. These switches and FWSMs&nbsp; are cabled to the existing network (with the IPs of the devices they will replace) and it had put a MAC entry in another firewall device which caused an outage. The reason for keeping the interfaces in the admin shutdown state was to avoid anything like this happening.</P><P></P><P>Thanks</P><P>Mel</P> Mon, 11 Mar 2019 18:44:50 GMT https://community.cisco.com/t5/network-security/fwsm-context-admin-down-interface-has-traffic-stats/m-p/1529654#M657741 Mel Popple 2019-03-11T18:44:50Z https://community.cisco.com/t5/network-security/fwsm-context-admin-down-interface-has-traffic-stats/m-p/1529655#M657773 <HTML><HEAD></HEAD><BODY><P>Hi Mel,</P><P></P><P>The behavior you saw sounds like a good match for bug CSCta08654. This is fixed in 3.1.15.2 and higher builds.</P><P></P><P>Hope that helps.</P><P></P><P>-Mike</P></BODY></HTML> Tue, 28 Sep 2010 13:26:34 GMT https://community.cisco.com/t5/network-security/fwsm-context-admin-down-interface-has-traffic-stats/m-p/1529655#M657773 mirober2 2010-09-28T13:26:34Z https://community.cisco.com/t5/network-security/fwsm-context-admin-down-interface-has-traffic-stats/m-p/1529656#M657809 <HTML><HEAD></HEAD><BODY><P>Thanks for the info. It does sound like that could be the issue</P><P></P><P>Mel</P></BODY></HTML> Wed, 29 Sep 2010 19:09:05 GMT https://community.cisco.com/t5/network-security/fwsm-context-admin-down-interface-has-traffic-stats/m-p/1529656#M657809 Mel Popple 2010-09-29T19:09:05Z