Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
651
Views
0
Helpful
1
Replies

IDSM-2/FWSM

Rodrigo Gurriti
Level 3
Level 3

‎08-14-2011 04:17 PM - edited ‎03-11-2019 02:11 PM

Hello,

I have a question on the IDSM-2/FWSM:

How can I inspect inline the FWSM outside/dmz interfaces?


I followed this doc  http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_idsm2.html#wp1068377

I understand that I'm bridging the L2 with the L3 Vlans, but on the FWSM how would that work ?

I have 2 L2 vlans:

  • Vlan 20 the outside with my ISP router on the segment.
  • Vlan 60 the DMZ with a couple servers.

My FWSM config:

firewall multiple-vlan-interfaces

firewall module 1 vlan-group 10

firewall vlan-group 10  20,50,60,100

!

!

interface Vlan20

no ip address

shutdown

!

interface Vlan60

no ip address

shutdown

Labels:
0 Helpful
1 Reply 1

Parminder Sian
Level 1
Level 1

‎08-21-2011 11:55 PM

Hi Rodrigo,

First of, IDSM and FWSM are two different devices, if you want to inspect inline traffic, be it actual interfaces or VLAN's, you need and IPS/IDSM not FWSM

In your case, you have IDSM and following configuration should do the trick:-

http://www.cisco.com/en/US/docs/security/ips/7.0/configuration/guide/cli/cli_idsm2.html#wp1067639

Hope this helps,

Sian

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card