I'm building a brand new FWSM running 3.2(2) and have already configured for failover and verified communications between the two. I have also put them both into mode multiple and created 3 contexts. I also assigned the vlan interfaces from the switch to each vlan group as needed. Finally, I went into the admin context and allocated the interfaces to the proper context.
The problem now is when I go to any context and type:
I get "invalid input" back. If I do interface ? it shows me the names of all my interfaces. If I do interface x and hit tab, it autocompletes the right name. But no matter what, i can't get into interface config mode. Any ideas?
Yeah, I opened a TAC case and they gave me a work-around so I could upgrade the code. I'm now running 3.2(8) and the problem doesn't occur.
FWIW, the work-around involved not providing an alias while allocating interfaces in the system context. For example, my original config said:
allocate-inter vlan50 tocore
This has the affect of hiding the VLAN tag from the context and just showing "tocore" as the interface. I took out that command and put it back in as:
After doing that, I could configure that interface in the context, get an IP on there and upgrade the image. Once I reloaded with the new image all my other aliases worked just fine because, as you mentioned, the problem was resolved in 3.2(3).
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...