cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
826
Views
0
Helpful
5
Replies

Access problem with Cisco ASA

rakesh.thale
Level 1
Level 1

Hi all, I m facing problem with ASA, here is scenario for the same,

I have 2 cisco ASA 5540 with multiple context.

Configured in active -active failover. My primary admin context is

working without any hassel. But when I tried to connect to outside

interface (secondary firewall)of admin contex it gives me an error

log - "ifc-classify --Virtual firewall classification failed."

From the same device if I connected from 'inside' - I am

able to. But not able to send any outside traffic. (Not able to

connect to gateway IP of outside interface.)

Please help.

Thanks in advance.

1 Accepted Solution

Accepted Solutions

I would suggest you go thru this link (example 3) - Shared Resources for Multiple Contexts.

This example also has the nat/global config.

http://www.cisco.com/en/US/docs/security/asa/asa81/config/guide/examples.html#wp1009684

View solution in original post

5 Replies 5

This happens when a packet arrived on a shared interface, but failed to classify to any specific context interface.

Use the global or static command to specify the IPv4 addresses that belong to each context interface.

Sorry, But I get this option. But dont know how configure global or static command.

Please, please help!

I would suggest you go thru this link (example 3) - Shared Resources for Multiple Contexts.

This example also has the nat/global config.

http://www.cisco.com/en/US/docs/security/asa/asa81/config/guide/examples.html#wp1009684

Still Unfortunate--

I tried to put static and global commands but no result.

could you share the sanitized config.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: