Solved: Re: Access problem with Cisco ASA

rakesh.thale · ‎11-06-2008

Hi all, I m facing problem with ASA, here is scenario for the same,

I have 2 cisco ASA 5540 with multiple context.

Configured in active -active failover. My primary admin context is

working without any hassel. But when I tried to connect to outside

interface (secondary firewall)of admin contex it gives me an error

log - "ifc-classify --Virtual firewall classification failed."

From the same device if I connected from 'inside' - I am

able to. But not able to send any outside traffic. (Not able to

connect to gateway IP of outside interface.)

Please help.

Thanks in advance.

dhananjoy chowdhury · ‎11-06-2008

I would suggest you go thru this link (example 3) - Shared Resources for Multiple Contexts.

This example also has the nat/global config.

dhananjoy chowdhury · ‎11-06-2008

This happens when a packet arrived on a shared interface, but failed to classify to any specific context interface.

Use the global or static command to specify the IPv4 addresses that belong to each context interface.

rakesh.thale · ‎11-06-2008

Sorry, But I get this option. But dont know how configure global or static command.

Please, please help!

dhananjoy chowdhury · ‎11-06-2008

I would suggest you go thru this link (example 3) - Shared Resources for Multiple Contexts.

This example also has the nat/global config.

rakesh.thale · ‎11-07-2008

Still Unfortunate--

I tried to put static and global commands but no result.

dhananjoy chowdhury · ‎11-07-2008

could you share the sanitized config.