FWSM NAT Problem with Cisco ASA

Unanswered Question
Dec 8th, 2008

I have this topology:

Cisco ASA ------- Cat3750 -------- Cat6509 -- vFW_APP

Cisco ASA[Gi3/1]----[Gi1/0/17]CAT3750[Gi1/0/31]----[Gi3/48]CAT6509--[INT_VLAN16]vFW_APP

On the Cat3750, ports 1/0/17 and 1/0/31 are in VLAN 16, as is port Gi3/48 on the Cat6509.

Cisco ASA port 3/1 has IP address xxx.xxx.171.1 and vFW_APP int_vlan16 has xxx.xxx.171.26; this IP address should be NAT to on the vFW_APP.

We have a problem using a static NAT configuration in one of multiple contexts on the FWSM. An application server was NATed using one-to-one static NAT in a context so that it can be accessed from the internet on ports 80 and 443.

At first, the application ran smoothly, but after 7 minutes the connection became intermittent. For the first 7 minutes the connection was up, but after that the connection was down for 7 minutes.

It means the connection was intermittent periodically, every 7 minutes.

We pinged the server continuously, but RTO appeared every 7 minutes.

We also configured another context (transparent mode) that was directly connected to the public segment address. We put some servers behind the context and configured those servers with public IP addresses. In this scenario, unlike the first case, there is no intermittent connection from the internet.

We did the same thing, pinging those servers from the internet, and the result was excellent. There was no timeout for the connection.


