Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
800
Views
0
Helpful
2
Replies

FWSM Inter-Context traffic

trevora
Level 1
Level 1

‎07-10-2009 06:07 PM - edited ‎03-11-2019 08:53 AM

I have a FWSM with 2 contexts. The OUTSIDE interfaces are each in their own L3 vlan and in a common VRF. (ie: both next to each other looking out)

I am having a problem getting traffic from one FW to go out C1 and enter C2. I can ping all the outside interfaces but not through the FW (from other FW and inside client).

Any ideas???

running v4.03

Labels:
0 Helpful
2 Replies 2

yagnesh_tel
Level 1
Level 1

‎07-12-2009 04:26 AM

Considering you have allowed this communication through ACL in these contexts, you should provide routing in MSFC for inside vlans using static routes. These static routes should be pointing to outside interfaces of the respected contexts. For example:

ip route vrf [vrf name] [inside vlan & subnet mask] [outside interface]

0 Helpful

trevora
Level 1
Level 1

‎07-12-2009 05:27 AM

It turned out that one of our engineers changed the inside interface IP and got the subnet mask wrong. Once I fixed that it started working.

I was concerned that it it may have been related to the clasifier as we are not doing nat for all traffic. I would have then had to put in a bunch of static nat rules. It seems the FWSM does not support a manual MAC addr to be defined on the interfaces like the ASA allows.

0 Helpful
Review Cisco Networking for a $25 gift card
Top