I ran into a strange problem moving a server from a PIX I was retiring to my ASA.
I currently have 4 untagged VLANs on a Dell 5324 Switch. The Cisco ASA is using 3 interfaces (Outside, DMZ, Inside). The Outside interface of the ASA is on a VLAN with the outside interface of my Pix 505 as well as my internet access from my ISP. The Inside interfaces for both the PIX and ASA are on their own VLANs. The DMZ is on its own VLAN.
I changed the IP address of the server from the inside PIX subnet to an address on my ASA DMZ subnet. I moved the cable from a port on the inside PIX subnet to the DMZ subnet. I removed the PIX from the environment. I cleared the arp cache from the 5324 and on the ASA.
When I plugged the server into the new switch port, all traffic on the VLAN stopped. I thought it was a loop/STP issue, ip conflict, or arp cache issue. I did not get any ip dupe errors on any device or the server. I changed it anways. Once I did this and plugged the server back into the DMZ VLAN traffic to/from server at this point worked. I then created the following NAT rule on the ASA:
Yes I think, the problem is that the ASA does not support STP, this feature is only available for switches. So, basically these loops are expected because the STP will not complete having the ASA in there.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...