Transparent ASA - Mac Address Flip-Flop Issue

Unanswered Question
Mar 18th, 2010

Hi All

I hope you can help here

We have been having a problem with our Transparent Mode ASA 5520.

  • We have the Inside and Management interface plugged into the same switch on the inside portion of our firewall. 
  • The Management interface is configured as Management-Only
  • Each internal device (VPN Concentrators, Web Servers etc.) has its Mac-Address mapping in the Mac-Address table staticly defined with the mac-address static command to be on the Inside interface.

The problem we are having is, for instance, when a user initiates a VPN session from the Internet the traffic going back to the client from the VPN Concentrator is flipping between the management interface and inside interface.  Obviously tis causes an issue as the maangement interface is "management-only" so only management traffic can pass therefore all other traffic is dropped.

Does anybody have a solution or any ideas on how to prevent this happening?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)


This Discussion