ASA (inside) -> MSFC -> FWSM
ASA is loaded with CSC-SSM.
A management VLAN is defined on the FWSM, e.g. VLAN99. Now, the management ports of the ASA and CSC-SSM are connected directly to VLAN99, i.e. bypassing the MSFC and FWSM.
In this case, I am not able to ping the ASA inside interface from a host in VLAN99. icmp permit any inside has been configured on the ASA for the ping to work.
Please advise if bypassing the MSFC / FWSM is causing the ping failure for the return traffic.
1) Not sure about this, as I have never used an AIM-SSM in an ASA.
Nothing wrong with having these devices in a dedicated management VLAN; in fact that is recommended, and it should be firewalled as well, which is what you are doing.
But I'm still unclear as to why any of these devices need Internet access - IDS updates, etc.?
If so, I would go with option 2 in the previous thread.