There are a pair of FWSM modules running in multi-context routed mode and in Active/ Active inter-chassis failover.
The FWSM ver is 4.0(5) and 6500 version is 12.2(33)SXI1 with Sup720-3B.
In two months, the primary FWSM module has brought up some weird issues as follows:
1. The first time was when the issue occured, all the vlans on the fwsm were up but i was not able to ping any hosts in any vlan. I did clear xlate but it did not help. I did a no failover active group 1 and then everything was normal. When i again said failover active group 1, i lost connectivity. I had to reload the module and then after that, everything was fine.
2. The second time it happened was just a couple of days back. But this time, the vlans were admin-down. I asked the client if there were any changes and he said none. I then asked him if he had tried doing a no shut and he said that in that moment of pressure, he did not think of it. He just shutdown the module for the other module to take over. When i went to the site, we just reloaded the module and came up fine when it became active this time.
I did not have any logs to analyse the reason for the failure except an error message in Admin context saying "Lost communications with management vlan" which was not really helpful.
Has anyone come across FWSM vlans going admin-down suddenly without any changes in this particular version 4.0(5)?
When i looked into the Bug navigator, i just found one bug somewhat related to our config since dns-guard and sysopt np completion-unit are both enabled in admin context in our case..
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...