Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
380
Views
5
Helpful
1
Replies

FWSM:Interface is allocated to another context in a different failovergroup

javiercastro
Level 1
Level 1

‎06-24-2008 09:03 AM - edited ‎03-11-2019 06:04 AM

Hello,

I have two cat6500 with FWSM in each running two security contexts (routed mode) in Active/Active failover mode.

I was recently trying to add an interface for management porpuses in one of these contexts. That Vlan is already in use in the other context (sharing interfaces). While trying to allocate this vlan interface in the security context the following was displayed:

Context2(config-ctx)# allocate-interface VlanXX

ERROR: Interface VlanXX cannot be allocated to context. Interface is allocated to another context in a different failover group.

The contexts are in different failover groups due to the Active/Active operation mode.

Does anybody knows if it is possible to share an inteface between contexts in that failover mode?

Is it only possible using active/standby mode?

Haven't found any thing regarding this issue in the documentation.

Many Thanks.

Labels:
0 Helpful
1 Reply 1

Syed Iftekhar Ahmed
Level 8
Level 8

‎06-24-2008 09:51 AM

Basically the problem is that the Active contexts always uses the MAC address of the

Primary FWSM. So having one context active on each FWSM, and sharing one

VLAN, would mean that they both use the same MAC address, and then there is obviously a problem.

That's why it is not working and the error is triggered.

If you are using a shared vlan then it makes sense to use all the contexts sharing same vlan into one failover group.

Syed

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card