Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
462
Views
0
Helpful
2
Replies

Configuring Cat 6500 with FWSM

cwu
Level 1
Level 1

‎06-19-2003 06:08 AM - edited ‎03-02-2019 08:16 AM

We have just received a 6500 with MSFC and FWSM and I'm trying to figure out how to configure vlans to be processed by the firewall. Are there sample configurations anywhere besides the ones in the "Getting Started" guide?

I can configure the initial SVI, but any subsequent vlans I configure on the MSFC are "Forced to stay down" because there's already a "SVI tied to the line card in slot X". I'm sure I'm missing something but what?

Labels:
0 Helpful
2 Replies 2

jayantt
Level 1
Level 1

‎06-19-2003 08:37 PM

I believe FWSM card would need Native IOS and not MSFC / Hybird IOS.

0 Helpful

shamilton-wilkes
Level 3
Level 3

‎06-22-2003 08:11 AM

Start with the firewall chapter of this:

http://www.cisco.com/application/pdf/en/us/guest/netsol/ns304/c649/ccmigration_09186a008014efaf.pdf

With the some versions of IOS you are permitted to have multiple SVIs - but this will always be a less secure configuration.

You need to choose- do you want the MSFC inside the firewall or outside ?

If you're using this switch on the edge of your network then probably you want the FWSM on the outside and the MSFC on the inside.

However, if you need the routing functions of the MSFC on the outside you have no choice - my MSFCs are on the outside because they're running BGP. Then I have a dozen or so VLANs setup on the FWSM, ranging from outside, which is where the default route on the FWSM goes to the MSFC. To inside, where my company database resides, with very limited access.

Where it gets fun is when you add load balancing within the chassis too.

Simon

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card