Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

we are having trouble with out FWSM's and our Global PAT

Both our Primary and Standby FWSM's stopped doing Pat translations we would reboot one the other work for a few moments then all the Xlates stopped.

When I do a show context detail the output tells me that all my contexts are zombie does any one know what that means?


Re: we are having trouble with out FWSM's and our Global PAT

When a context is deleted, it shows up as a zombie in "show context detail".

Also with a config sync, all contexts are first removed using "clear config all" and restored when the existing config is

restored. Zombie contexts are displayed with the "show context detail" and are filtered from the normal "show context" display.

The purpose of a zombie context state is that after a context is destroyed, FWSM reserves

the context ID and prevent it from being reused so that any resources associated with it can clean themselves up.

The zombie contexts disappear when the context ID is reused (after the minute waiting period). There are 255 context IDs in the system, and they are used in a round robin fashion. So the context in a zombie state will remain until the 256th context creation occurs.


Community Member

Re: we are having trouble with out FWSM's and our Global PAT

So here is what I am seeing we shut down the secondary FWSM and are only running on the primary all the contexts are in use, but showing that they are in this Zombie status even after a week. Is this normal?

CreatePlease to create content