Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

FW in Multiple context fails with nameif command

Hi halijenn / kusankar / NT ,

I am having an issue in which customer is having ASA 5520 firewall pair (active , standby) , 8.0.3 Code running in mutiple context mode and having VPN Premium license.There are huge no. of context (approx 14) configured on the firewall , he says that as soon as the firewall was configured with one more logical interface and a nameif command was issued under the relevant context , the traffic stopped traversing across other contexts and he has to issue failover and susbequent reload of that firewall (on which issue happened ) to get back to normal . He doesnot have syslogs for that instance .Please let me know if this is a bug or if there is any probability that he might have gone wrong somewhere .

6 REPLIES
Cisco Employee

Re: FW in Multiple context fails with nameif command

Are you sure it is running 8.3 code?

There were defects in the past: http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsy75345

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsx77780

How many sub-interfaces does he have configured presently? Traffic breaks after creating how many-th interface? Routed or Transparent?

If this is 8.3, I suggest you open a TAC case and work with an engineer as this sounds like a new defect.

-KS

New Member

Re: FW in Multiple context fails with nameif command

Hi kusankar

thanks a lot for replying. This is an issue with 8.0(3) code and not 8.3 . This is a routed mode firewall . There are approx . 14 contexts and around 56 logical interfaces created .

25 vlans on Gig 0/2

30 vlans on Gig 1/0

1 vlan on Gig 1/2

He has already created logical interface , assigned vlan , then assigned it to the context , went to the specific context .Once he entered the command "interface Gig1/2.X and did a nameif and then he was not able to gain enable privilege in that particular context to revert those commands.  He also tried to remove the allocation of the Interface from that context however no success .Hence he did a failover and then reboot the asa.

Cisco Employee

Re: FW in Multiple context fails with nameif command

Oh sorry I read it as 8.3. So, yes this is a known issue. Pls. upgrade the code on the ASA to 8.0.5

-KS

New Member

Re: FW in Multiple context fails with nameif command

hi kusankar

thanks a lot ! which bug i am running into out of above ? Is ASA 8.0.3 a known IOS affected by this bug ?

Cisco Employee

Re: FW in Multiple context fails with nameif command


CSCsy75345 for sure. You may run into the other one as well. 8.0.5 has the fix for both the defects.

-KS
New Member

Re: FW in Multiple context fails with nameif command

hi kusankar

thanks for the reply , In my case i do have multiple context and mac-address auto command ; however i donot have context with less than 8 subinterfaces .Also this bug was found for 8.0(4) and my version is 8.0(3) is this applicable for me ? Also this issue occurs for me when nameif command is entered in the logical interface ; however there is no mention of the same in the bug . Can  you please elaborate as to what exactly happens in this bug

194
Views
5
Helpful
6
Replies