Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

FWSM Inter-Context traffic

I have a FWSM with 2 contexts. The OUTSIDE interfaces are each in their own L3 vlan and in a common VRF. (ie: both next to each other looking out)

I am having a problem getting traffic from one FW to go out C1 and enter C2. I can ping all the outside interfaces but not through the FW (from other FW and inside client).

Any ideas???

running v4.03

2 REPLIES
Bronze

Re: FWSM Inter-Context traffic

Considering you have allowed this communication through ACL in these contexts, you should provide routing in MSFC for inside vlans using static routes. These static routes should be pointing to outside interfaces of the respected contexts. For example:

ip route vrf [vrf name] [inside vlan & subnet mask] [outside interface]

New Member

Re: FWSM Inter-Context traffic

It turned out that one of our engineers changed the inside interface IP and got the subnet mask wrong. Once I fixed that it started working.

I was concerned that it it may have been related to the clasifier as we are not doing nat for all traffic. I would have then had to put in a bunch of static nat rules. It seems the FWSM does not support a manual MAC addr to be defined on the interfaces like the ASA allows.

387
Views
0
Helpful
2
Replies
CreatePlease to create content