10-25-2010 12:16 PM - edited 03-11-2019 11:59 AM
Hi,
I want to configure an FWSM in a 6509 switch as an internal firewall.
I have the doubts below about FWSM configuration:
To log in to the FWSM, I can go to the particular session slot ..no proc ..no
and log in with username and password.
Below is my scenario:
I have a couple of VLANs that are configured on the same 6509 switch, and now I want to apply some policy, like restricting inter-VLAN communication for some VLANs and restricting some virtual port for some server to access. How do I achieve it?
As I went through some documents, it is mentioned that I need to create the VLAN (which I need to restrict for some applications) in the FWSM module instead of the 6509 switch, and there I need to configure whichever policies I need and then apply them on the particular interface VLAN (SVI VLAN).
Is that so?
Or can I create the VLAN as it is in the 6509 switch only, and after creating the group in the FWSM, I will have to add the VLAN (which I need to restrict for some applications) to that group.
My main purpose in adding the FWSM module is that I need to restrict some VLANs from accessing some network applications, as well as inter-VLAN communication or server access.
How do I configure it?
It would be a great help for me to go ahead and configure it after understanding.
Please do share the knowledge ...
10-25-2010 01:07 PM
10-25-2010 01:08 PM
Vinod
You can create a new VLAN and assign it to the FWSM, or you can assign an existing VLAN to the FWSM, but if you assign an existing VLAN to the FWSM to be firewalled then you must remove the L3 SVI for that VLAN. See this thread for a guide on how to configure the FWSM:
https://supportforums.cisco.com/message/536548#536548
Jon
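
The approach in the reply above, sketched as configuration. This is an added example, not part of the original thread: the module slot (3), VLAN IDs, interface names, addresses and the ACL are assumptions chosen for illustration, and the FWSM is assumed to run in routed, single-context mode.

```text
! --- Catalyst 6509 supervisor (IOS) ---
! The VLANs stay defined on the switch as plain L2 VLANs
vlan 10
 name USERS
vlan 20
 name SERVERS
!
! Hand the VLANs to the FWSM (slot 3 is an assumed slot number)
firewall vlan-group 1 10,20
firewall module 3 vlan-group 1
!
! Remove the switch SVIs for the firewalled VLANs. If they stay, the
! MSFC keeps routing between the VLANs and traffic bypasses the FWSM.
no interface Vlan10
no interface Vlan20
!
! Open a console to the module from the switch:
!   session slot 3 processor 1

! --- FWSM (routed mode) ---
! The FWSM interfaces now act as the L3 gateways for these VLANs
interface Vlan10
 nameif users
 security-level 50
 ip address 10.1.10.1 255.255.255.0
!
interface Vlan20
 nameif servers
 security-level 100
 ip address 10.1.20.1 255.255.255.0
!
! Policy: users may reach one server on HTTPS only; all other
! traffic entering from VLAN 10 is dropped and can be logged
access-list USERS_IN extended permit tcp 10.1.10.0 255.255.255.0 host 10.1.20.10 eq 443
access-list USERS_IN extended deny ip any any
access-group USERS_IN in interface users
```

Hosts in VLAN 10 and VLAN 20 must use the FWSM interface addresses as their default gateway once the SVIs are removed.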