I am trying to troubleshoot an issue we're having with Nexus 9000 switches and an ASA 5585 Firewall. Our network access control software is reporting a machine at an IP address of x.x.107.100. I can't ping that address from behind the firewall or on the user network.
I looked at some packets from the firewall and my laptop, but just have a question about the Nexus packet flow.
HSRP is enabled, and my laptop sends the packet to the destination mac 0000.0c07.ac01 (core switch HSRP MAC). Is the Nexus switch supposed to replace this MAC address with a physical MAC address? The firewall sees the packet coming from the active router's physical interface MAC. I thought from CCNA studies that the packet would use that virtual MAC and the HSRP router would sort out (load-balance) once it got the packet back?