03-28-2011 01:49 AM - edited 03-11-2019 01:13 PM
Hi team,
I've got a virtualised firewall running 3 security contexts in routed mode. What I am experiencing is that I cannot connect to an OUTSIDE host through the security contexts. From the firewall itself I cannot ping the directly attached host on the OUTSIDE interface, but I can ping the directly attached host on the INSIDE interface. When I reload the firewall box, the first ping to the OUTSIDE host is successful, but subsequent pings fail and thus total connectivity is lost.
Please advise why this firewall is behaving this way.
I even tried upgrading to ASA version 8.4(1) but still the same.
Regards,
Jerry.
03-28-2011 05:59 AM
Are you sharing the outside interface on the three contexts?
03-28-2011 06:08 AM
Yes, I am sharing the outside interface across the 3 contexts using VLANs and subinterfaces. But all VLANs on that particular physical interface are OUTSIDE interfaces for the respective contexts.
Regards,
03-28-2011 07:11 AM
Each outside interface of each context is a subinterface? Is that what you mean?
If you were using the same physical interface and sharing the IP, that could cause some kind of issue since the MAC is used for the 3 outside interfaces. In these cases it is a good idea to use MAC address auto on the system context, but it seems that this is not the case.
03-29-2011 12:15 AM
Yes, each OUTSIDE interface for each context is a subinterface. Strangely enough, one context is working perfectly fine and it's sharing the same physical interface, but of course on a different subinterface and IP subnet. Do you reckon it's the MAC address thing, and how can I go about it?
03-29-2011 07:44 AM
If you have subinterfaces and different IPs, you shouldn't have MAC address issues.