Routing to a remote site through a FWSM module

jennyjohn · ‎12-12-2010

Our organisation has 2 Core switches with FWSM modules. The Server VLAN (VLAN 10) is behind the FWSM. Unfortunately the remote site connectivity router is also connected behind the FWSM (as shown the diagram). The Servers behind the FWSM are able to connect to the Devices at the remote site. But the users are not able to be routed via the FWSM module to the remote site. How can I configure for the users to access devices at the remote site?

Core Switch Configuration:

interface Vlan6

description ******MSFC-FWSM-Server Context Connecting Interface******

ip address 172.20.5.10 255.255.255.248

standby 6 ip 172.20.5.9

standby 6 preempt

!

ip route 172.20.10.0 255.255.255.0 172.20.5.12

ip route 172.21.10.0 255.255.255.0 172.20.5.12

!

FWSM Configuration:

interface Vlan10

description *****Server Lan Segment*****

nameif server-segment

security-level 90

ip address 172.20.10.254 255.255.255.0 standby 172.20.10.253

!

interface Vlan6

description *****Interface Connecting to MSFC*****

nameif outside

security-level 0

ip address 172.20.5.12 255.255.255.248 standby 172.20.5.13

!

access-list PERMIT extended permit ip any any

!

access-group PERMIT in interface server-segment

access-group PERMIT in interface outside

icmp permit any server-segment

icmp permit any outside

route outside 0.0.0.0 0.0.0.0 172.20.5.9 1

route server-segment 172.21.10.0 255.255.255.0 172.20.10.1

Thanks in advance

Jennifer Halim · ‎12-13-2010

Can you please share the configuration for the User VLAN? both on the MSFC as well as on the FWSM.