Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I'm trying to leak some static routes out of one VRF into several others. This is mainly to help get around issues with FWSM shared interfaces and load-balancing the firewalled traffic. Anyway, to try and ease the administration of the static routes ...
Is the following possible....Two FWSMs (A & B) with two instances on each (A1, A2, B1, B2).A1 failover to B2, B1 failover to A2In other words, in normal operation I have two independant firewalls in different chassis, but should one of them fail, the...
Yes you're pretty much right there. It is about putting the work in on the initial build to help reduce the overhead as the service expands (regular addition of the static routes). Rather unfortunately the FWSM is running in multiple context mode so ...
With the upgrade to 3.2(1) you need to upload the new ASDM AFTER the reload into the new FWSM image (not before).If you reload the new ASDM it will work just fine (you don't need to reload the FWSM).
Here is a very basic config example and also a show that demonstrates what I am struggling withRouter#sh run (snipped)ip vrf VRF1 rd 1.1.1.1:1 route-target export 1.1.1.1:1 route-target import 1.1.1.1:1!ip vrf VRF2 rd 2.2.2.2:2 route-target export 2....
Might be ok if you copy and paste into notepad or context and use a Courier font.Anyway, I'm beginning to think that I might have to rewrite the BGP RD community to make the route "of" the destination VRF... is that allowed in an import-map?
