Avatar of Brad Sims, CCNA
Brad Sims, CCNA
Flag for United States of America asked on

Possible HSRP issue on Nexus 9000 Series Switches

I am trying to troubleshoot an issue we're having with Nexus 9000 switches and an ASA 5585 Firewall.  Our network access control software is reporting a machine at an IP address of x.x.107.100.  I can't ping that address from behind the firewall or on the user network.

I looked at some packets from the firewall and my laptop, but just have a question about the Nexus packet flow.

HSRP is enabled, and my laptop sends the packet to the destination mac 0000.0c07.ac01 (core switch HSRP MAC).  Is the Nexus switch supposed to replace this MAC address with a physical MAC address?  The firewall sees the packet coming from the active router's physical interface MAC.  I thought from CCNA studies that the packet would use that virtual MAC and the HSRP router would sort out (load-balance) once it got the packet back?
CiscoSwitches / HubsNetworking

Avatar of undefined
Last Comment
Soulja

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Soulja

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes