Firewall Issue
Hi Experts !!!
We have two firewall fwsm modules deployed on two different 6509 chassis at two different sites, connected via layer 2 link, as primary and standby modules.
NATng is enabled on the primary firewall module and all xlate and conns are getting replication to standby module.
Yesterday, suddenly NAT engine in the primary fwsm module stopped working and no inboun/outbound traffic was being passed. No changes were made.
Any ideas, what could be the issue and how it can be fixed? FWSM ver is 3.1(1)
Thanks:)
We have two firewall fwsm modules deployed on two different 6509 chassis at two different sites, connected via layer 2 link, as primary and standby modules.
NATng is enabled on the primary firewall module and all xlate and conns are getting replication to standby module.
Yesterday, suddenly NAT engine in the primary fwsm module stopped working and no inboun/outbound traffic was being passed. No changes were made.
Any ideas, what could be the issue and how it can be fixed? FWSM ver is 3.1(1)
Thanks:)
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I did, show logging but did not find anything unusual but did not do show tech.
What does 'show tech' cmd do and does it provide insight into what happened and what caused the issue, that cannot be known from other show cmds ?
Thanks:)
What does 'show tech' cmd do and does it provide insight into what happened and what caused the issue, that cannot be known from other show cmds ?
Thanks:)
It is a combination of several show commands (see list below). This is the command I am normally asked by Cisco tech support when troubleshooting an issue with them. What I would do is log the session, then run the command. Save the output as a log file. Go to https://www.cisco.com/cgi-bin/Support/OutputInterpreter/home.pl and upload the file you just saved. It will analyze it for you and give you recommendations and show you issues based on the analysis.
The output of the show tech-support command can include the output of the following commands:
•show apollo traffic
•show appletalk traffic
•show bootflash
•show bootvar
•show buffers
•show cdp neighbors
•show cef
•show clns traffic
•show context
•show controllers
•show decnet traffic
•show interfaces
•show ip cef
•show ip interface
•show ip traffic
•show isis
•show mpls
•show novell traffic
•show processes cpu
•show processes memory
•show running-config
•show stacks
•show version
•show vines traffic
•show xns traffic
•show file systems
•dir nvram:
•show disk0: all
•show process cpu
•show pci controller
The output of the show tech-support command can include the output of the following commands:
•show apollo traffic
•show appletalk traffic
•show bootflash
•show bootvar
•show buffers
•show cdp neighbors
•show cef
•show clns traffic
•show context
•show controllers
•show decnet traffic
•show interfaces
•show ip cef
•show ip interface
•show ip traffic
•show isis
•show mpls
•show novell traffic
•show processes cpu
•show processes memory
•show running-config
•show stacks
•show version
•show vines traffic
•show xns traffic
•show file systems
•dir nvram:
•show disk0: all
•show process cpu
•show pci controller
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER