Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

FWSM in Multi context in routed mode without NAT/PAT??

Hi,

We configured FWSM in multicontext but without NAT/PAT under each context, we have added static routes on the MSFC for reachability of intside vlan under each context but somehow we can't ping from outside LAN to inside context/zone lans.

We have configured permit ip any any on all the interfaces in & out directions as a begining but still can't communicate with the rest of the network.

One more thing is that the FWSM is not connected to Internet it is sitting inside our corporate network.

Need urgent help in this regard, we had scheduled a maintenance window couple of times with a very well chalked out action plan but were forced to roll back to single mode due to the above issue.

Thanks,

CM

2 REPLIES
Hall of Fame Super Blue

Re: FWSM in Multi context in routed mode without NAT/PAT??

CM

Things to check

1) Can you ping outside interface of FWSM from MSFC

2) Have you allocated the inside vlans to the FWSM

3) Can you ping the inside interface of each context from a machine within that context.

If you aren't using nat at all can i assume you have no static statements on the FWSM ?

Do any of the contexts have shared interfaces on the inside ?

Jon

Re: FWSM in Multi context in routed mode without NAT/PAT??

From the 'OUTSIDE' of the firewall are you trying to ping the firewalls INSIDE interface itself or something at the back of it? Pinging the firewall's interface won't work!

Also are any of your interfaces shared?

Regards

Farrukh

170
Views
0
Helpful
2
Replies
CreatePlease to create content