08-25-2006 02:50 PM
hi guys,
This is the problem : I need to receive from a GigaEth both some multicast streams and a unicast control traffic to be filtered. So, on a 3750 there is a trunk vs data provider, and Interface Vlan X for mcast and Vlan Y for outside unicast in global space. Than a Vlan Z in a separate vrf for inside. Pix is connected on L2 port Vlan X for outside and on L2 port Vlan Z for inside. It doesn't run !!! It seems to be unable to resolve arp ...
The actual 3750, will become in a short time a 650x sup 720B, but I am not sure if we have a better results.
Any advice ?
Thanks
Maurizio
08-31-2006 06:11 AM
To make this happen a FWSM module has to be installed in the Catalyst 6500 series switch. The FWSM features has the following features
Layer 2 Firewall (transparent mode)
Layer 3 Firewall (route and/or NAT mode)
Mixed Layer 2 and Layer 3 firewall per FWSM
Dynamic/static NAT and PAT
Policy-based NAT
VRF-aware NAT
Destination NAT for Multicast
Static routing support in single- and multiple security context mode
Dynamic routing in single security context mode: Open Shortest Path First (OSPF), Routing Initiation Protocol (RIP) v1 and v2, PIM Sparse Mode v2 multicast routing, Internet Group Management Protocol (IGMP) v2
Transparent mode supports static routing only
Private VLAN
Asymmetric routing supporting without redundancy by using asymmetric routing groups
IPv6 networking and management access using IPv6 HTTPS, Secure Shell Protocol (SSH) v1 and v2, and Telnet
08-31-2006 12:40 PM
Tanks for your response, but in my opinion using a FWSM to fiter just 2 low traffic vlan is a bit too expansive.
BTW , today I have solved my issue forcing arp on both side ( vrf ). Anyway the problem is still : why 3750 did non resolve arp ?
regards
Maurizio
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide