Access problem with Cisco ASA

Answered Question
Nov 6th, 2008

Hi all, I m facing problem with ASA, here is scenario for the same,

I have 2 cisco ASA 5540 with multiple context.

Configured in active -active failover. My primary admin context is

working without any hassel. But when I tried to connect to outside

interface (secondary firewall)of admin contex it gives me an error

log - "ifc-classify --Virtual firewall classification failed."

From the same device if I connected from 'inside' - I am

able to. But not able to send any outside traffic. (Not able to

connect to gateway IP of outside interface.)

Please help.

Thanks in advance.

I have this problem too.
0 votes
Correct Answer by dhananjoy chowdhury about 8 years 2 months ago

I would suggest you go thru this link (example 3) - Shared Resources for Multiple Contexts.

This example also has the nat/global config.

http://www.cisco.com/en/US/docs/security/asa/asa81/config/guide/examples.html#wp1009684

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
dhananjoy chowdhury Thu, 11/06/2008 - 22:19

This happens when a packet arrived on a shared interface, but failed to classify to any specific context interface.

Use the global or static command to specify the IPv4 addresses that belong to each context interface.

rakesh.thale Thu, 11/06/2008 - 22:33

Sorry, But I get this option. But dont know how configure global or static command.

Please, please help!

rakesh.thale Fri, 11/07/2008 - 01:14

Still Unfortunate--

I tried to put static and global commands but no result.

Actions

This Discussion