topic IDSM-2/FWSM in Network Security https://community.cisco.com/t5/network-security/idsm-2-fwsm/m-p/1737041#M533553 <HTML><HEAD></HEAD><BODY><P>Hi Rodrigo,</P><P></P><P></P><P>First of, IDSM and FWSM are two different devices, if you want to inspect inline traffic, be it actual interfaces or VLAN's, you need and IPS/IDSM not FWSM</P><P></P><P>In your case, you have IDSM and following configuration should do the trick:- </P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_idsm2.html#wp1067639">http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_idsm2.html#wp1067639</A></P><P></P><P>Hope this helps,</P><P>Sian</P></BODY></HTML> Mon, 22 Aug 2011 06:55:02 GMT Parminder Sian 2011-08-22T06:55:02Z IDSM-2/FWSM https://community.cisco.com/t5/network-security/idsm-2-fwsm/m-p/1737040#M533547 <P>Hello,</P><P></P><P>I have a question on the IDSM-2/FWSM:</P><P></P><P><STRONG> How can I inspect inline the FWSM outside/dmz interfaces?</STRONG></P><P><STRONG><BR /></STRONG></P><P>I followed this doc&nbsp; <A href="http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_idsm2.html#wp1068377" target="_blank">http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_idsm2.html#wp1068377</A> </P><P>I understand that I'm bridging the L2 with the L3 Vlans, but on the FWSM how would that work ? </P><P>I have 2 L2 vlans:</P><UL><LI>Vlan 20 the outside with my ISP router on the segment. </LI><LI>Vlan 60 the DMZ with a couple servers. </LI></UL><P></P><P>My FWSM config:</P><P></P><P>firewall multiple-vlan-interfaces</P><P>firewall module 1 vlan-group 10</P><P>firewall vlan-group 10&nbsp; 20,50,60,100</P><P>!</P><P>!</P><P>interface Vlan20</P><P> no ip address</P><P> shutdown</P><P>!</P><P>interface Vlan60</P><P> no ip address</P><P> shutdown</P> Mon, 11 Mar 2019 21:11:38 GMT https://community.cisco.com/t5/network-security/idsm-2-fwsm/m-p/1737040#M533547 Rodrigo Gurriti 2019-03-11T21:11:38Z IDSM-2/FWSM https://community.cisco.com/t5/network-security/idsm-2-fwsm/m-p/1737041#M533553 <HTML><HEAD></HEAD><BODY><P>Hi Rodrigo,</P><P></P><P></P><P>First of, IDSM and FWSM are two different devices, if you want to inspect inline traffic, be it actual interfaces or VLAN's, you need and IPS/IDSM not FWSM</P><P></P><P>In your case, you have IDSM and following configuration should do the trick:- </P><P></P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_idsm2.html#wp1067639">http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_idsm2.html#wp1067639</A></P><P></P><P>Hope this helps,</P><P>Sian</P></BODY></HTML> Mon, 22 Aug 2011 06:55:02 GMT https://community.cisco.com/t5/network-security/idsm-2-fwsm/m-p/1737041#M533553 Parminder Sian 2011-08-22T06:55:02Z