6 Replies Latest reply: Mar 23, 2012 8:42 AM by Kingsley - CCSP/CCIP/ CCNP/CCIE Security RSS

    "mac-address auto" blocking ping in multicontext


      I have made asa to multimode created 2 contexts c1 and c2 interfaces e0/0(outside) & e0/1(inside) has been allocated to c1.


      interfaces e0/0(outside) & e0/2(inside) has been allocated to c2 .when i use mac-address auto i am not able to ping to


      inside and outside devices from asa. And outside & inside devices also can't ping to asa .When i remove mac-address auto


      asa can ping to all devices & all devices can ping to asa .Nat-control is disabled.



      Mac-address auto is giving unique mac add to shared interface e0/0


      asa1/c1(config)# sh int

      Interface Ethernet0/0 "outside", is up, line protocol is up

              MAC address 1200.0000.0200, MTU 1500

              IP address, subnet mask



      asa1/c2(config)# sh int

      Interface Ethernet0/0 "outside", is up, line protocol is up

              MAC address 1200.0000.0300, MTU 1500

              IP address, subnet mask



      On pinging from asa/c1 & asa/c2 to r3 which is connected to the outside passing through

      shared interface e0/0 on R3 it is learning unique mac add of shared interfrace e0/0 .



      r3#sh arp

      Protocol  Address          Age (min)  Hardware Addr   Type   Interface

      Internet              -   c202.0988.0000  ARPA   FastEthernet0/0

      Internet             1   1200.0000.0200  ARPA   FastEthernet0/0

      Internet             0   1200.0000.0300  ARPA   FastEthernet0/0


      but on asa in both the contexts it is not learning  mac add of R3.


      The same happens if i ping to other device through non shared interface also

      why mac-address auto is blocking ping ?