FWSM problem

shivlu jain — Mon, 11 Mar 2019 10:40:40 GMT

hi all

i am attaching the connectivity diagram.We are using in vlan 1,5,7,11,15 in the 6513 switch.Alos this switch has 2*FWSm modules.Now i am not able to understand how to select the insode and outside interface vlan.I had created a vlan-group 1 and bind that group tp the firewall module 1.All my vlans in the firewall came up.But i am not able to ping them.

FWSM:-

int vlan 15

ip add 10.0.4.254 255.255.255.0

nameif outside

int vlan 5

ip add 10.0.4.254 255.255.255.0

nameif inside

nat (inside) 1 0 0

global (outside) 1 interface

access-list 1 permit icmp any any

access-group 1 in interface outside

Switch:-

int vlan 15

ip add 10.0.4.1 255.255.255.0

The above configuration is a test configuration.

Please let me know how to select the inside and outside interface.All the connectivity is over MPLS cloud and it is the intra connectivity.Only internet cloud is using for outside.

Re: FWSM problem

JBDanford2002 — Thu, 05 Jul 2007 22:01:04 GMT

To allow ping to the interface try the following:

icmp perit any outside

icmp permit any inside

The inside interface is given a security level of 100. The outside is given the security level of 0. The lower security level should be pointed toward the least secure network(s). Connections by default are normally permitted from higher to lower security level interfaces. Interface Security levels that are the same are not permitted by default to traverse the firewall even if the policy allows.

topic Re: FWSM problem in Network Security

FWSM problem

Re: FWSM problem