ASA Multicontext and the packet-tracer command
I have an interesting question but I cannot find the answer. Basically, whenever I configure multicontext with the outside interface being shared and no NAT at all. Everything works fine (traffic, ACLs, etc) However, the packet-tracer command says I shouldn't be able to have this working [:S]
Th output is:
packet-tracer input outside icmp <ip_add_A> 8 0 <ip_add_B >
Drop-reason: (ifc-classify) Virtual firewall classification failed
I get the same result for UDP/TCP/ICMP traffic.
So, even when everything is working fine, if I use the packet-tracer for just verification, it says this shouldn't work, this must be a bug, but I'm not able to find one.