DM When using shared interfaces you must ensure that you use different ip addresses for each shared interface in each context.
As mac address auto has not historically been available on the FWSM my method of choice for context classification is static identity NAT, which binds the internal address space to the particular shared interface (if using an outside shared int). You cannot use shared interfaces for both inside and outside either. Stu 2009/9/10 Dnyaneshwar Gore <[email protected]> > Hi All, > > I read in one of the doc that we can share IP address on shared interface > on different contexts. Is it correct? If yes then how packet classifier will > classify the packet? > Lets take an example: ASA has three contexts A, B and C. They are sharing > outside interface i.e. Giga0/0 with IP address. Internet router is attached > to ASA's outside interface. Now in this scenario how ASA will divert a > packet coming from internet to correct context from where connection is > originated? > > One way is separate mac address for outside interface. But in this case, > returned packet will go to all contexts as they are having same outside ip > address. > > Another way is NAT destination IP address. But in this case, destination IP > will be from outside ip address range only. So once again it will go to all > contexts. > > Kindly help me in this case. > > Regards, > D.M.Gore > > > > > > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
