cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2188
Views
0
Helpful
1
Replies

Cat6500 - %SVCLC-5-FWTRUNK: Firewalled VLANs configured on trunks

DY-BB-1#sh module
Mod Ports Card Type Model Serial No.
--- ----- -------------------------------------- ------------------ -----------
1 4 CEF720 4 port 10-Gigabit Ethernet WS-X6704-10GE SAD112102EN
2 48 CEF720 48 port 1000mb SFP WS-X6748-SFP SAL1122PWRX
3 6 Firewall Module WS-SVC-FWM-1 SAD112105J2
5 2 Supervisor Engine 720 (Active) WS-SUP720-3B SAD11140351
9 48 SFM-capable 48 port 10/100/1000mb RJ45 WS-X6548-GE-45AF SAL1105FVNB

Mod MAC addresses Hw Fw Sw Status
--- ---------------------------------- ------ ------------ ------------ -------
1 001b.d483.6824 to 001b.d483.6827 2.6 12.2(14r)S5 12.2(18)SXF1 Ok
2 001b.d45d.b8b8 to 001b.d45d.b8e7 1.8 12.2(14r)S5 12.2(18)SXF1 Ok
3 001b.d483.8dd4 to 001b.d483.8ddb 4.1 7.2(1) 4.0(4) Ok
5 0013.807b.6340 to 0013.807b.6343 5.3 8.4(2) 12.2(18)SXF1 Ok
9 001a.6d86.b608 to 001a.6d86.b637 12.1 7.2(1) 8.5(0.46)RFW Ok

Mod Sub-Module Model Serial Hw Status
---- --------------------------- ------------------ ----------- ------- -------
1 Centralized Forwarding Card WS-F6700-CFC SAL1121PECL 3.1 Ok
2 Centralized Forwarding Card WS-F6700-CFC SAL1121PMVJ 3.1 Ok
5 Policy Feature Card 3 WS-F6K-PFC3B SAD111806KS 2.3 Ok
5 MSFC3 Daughterboard WS-SUP720 SAD111900TH 2.6 Ok
9 IEEE Voice Daughter Card WS-F6K-48-AF SAL1105G01W 2.3 Ok

Mod Online Diag Status
---- -------------------
1 Pass
2 Pass
3 Pass
5 Pass
9 Pass

 

 

DY-BB-1#sh run | inc firewall
firewall multiple-vlan-interfaces
firewall module 3 vlan-group 1
firewall vlan-group 1 2-24,302-321,324

 

 

DY-BB-1#show firewall module 3 state
Firewall module 3:
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: 2-24,302-321,324
Pruning VLANs Enabled: 2-1001
Vlans allowed on trunk: 2-24,302-321,324
Vlans allowed and active in management domain: 2-24,302-321,324
Vlans in spanning tree forwarding state and not pruned:
2-24,302-321,324

 


DY-BB-1#show firewall vlan-group
Display vlan-groups created by both ACE module and FWSM

Group Created by vlans
----- ---------- -----
1 FWSM 2-24,302-321,324

 

 

DY-BB-1#sh run int g9/37
interface GigabitEthernet9/37
description ## External Wireless VPN ##
switchport
switchport access vlan 245
switchport mode access
no ip address
end

 

DY-BB-1#sh logging

Jan 23 11:31:12: %SVCLC-5-FWTRUNK: Firewalled VLANs configured on trunks
Jan 23 11:32:14: %SVCLC-5-FWTRUNK: Firewalled VLANs configured on trunks
Jan 23 11:33:58: %SVCLC-5-FWTRUNK: Firewalled VLANs configured on trunks
Jan 23 11:35:19: %SVCLC-5-FWTRUNK: Firewalled VLANs configured on trunks

 

 

My client replaced the firewall that is connected to interface 9/37.

The <Firewalled VLANs configured on trunks> logs occur.

Does this affect the service? Do you have any ideas?

1 Accepted Solution
1 Reply 1
Review Cisco Networking for a $25 gift card