Hi. I have a problem with VLAN that is in a FWSM. This belongs to Vlan computer rooms that have private address 172.16.0.0 mask 255.255.248.0, the IP addres of the VLAN in the FWSM is 172.16.0.1 - 1 months since I am experiencing the PING between PC's of the rooms I was lost and hence the connection to the server in the halls, which belong to the same IP range, you can not do. The strange thing is that when I disconnect the link from the edge switch rooms and Core6509, traffic is restored in the rooms, obviously there is no Internet access, but can access the servers and give PING between PC's rooms. Someone who has had this problem and learn how you can help me solve it? I reconfigured the FWSM VLAN but the problem persists. Thank you very much. (I'm sorry with my english that is no perfect)
The problem might be the mismatch VLAN assignment across the firewall (FWSMs and supervisors). For example, in the Firewall vlan-group 1 statement, the same number of VLANs assigned on each switch to the firewall can vary. This might cause the issue. If you assign the same number of VLANs in the firewall, then failover will work.
Note: For failover to work, the FWSM requires identical configurations and port assignments. It is possible to do inter-chassis failover, but each VLAN assigned to the firewall must be in the trunk between the two chassis.
FWSM does not include any external physical interfaces. Instead, it uses VLAN interfaces. Assigning VLANs to the FWSM is similar to assigning a VLAN to a switch port. The FWSM includes an internal interface to the Switch Fabric Module (if present) or the shared bus. For more information, refer to below URL:
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :