We help IT Professionals succeed at work.

Possible HSRP issue on Nexus 9000 Series Switches

155 Views
Last Modified: 2018-11-01
I am trying to troubleshoot an issue we're having with Nexus 9000 switches and an ASA 5585 Firewall.  Our network access control software is reporting a machine at an IP address of x.x.107.100.  I can't ping that address from behind the firewall or on the user network.

I looked at some packets from the firewall and my laptop, but just have a question about the Nexus packet flow.

HSRP is enabled, and my laptop sends the packet to the destination mac 0000.0c07.ac01 (core switch HSRP MAC).  Is the Nexus switch supposed to replace this MAC address with a physical MAC address?  The firewall sees the packet coming from the active router's physical interface MAC.  I thought from CCNA studies that the packet would use that virtual MAC and the HSRP router would sort out (load-balance) once it got the packet back?
Comment
Watch Question

Sr.Net.Eng
CERTIFIED EXPERT
Top Expert 2011
Commented:
This problem has been solved!
(Unlock this solution with a 7-day Free Trial)
UNLOCK SOLUTION

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions