10-16-2005 01:08 PM - last edited on 03-25-2019 03:00 PM by ciscomoderator
I have a set of 6509s with FWSMs in one. The network design requires multiple VLANs in front of, behind, and in a DMZ of the FWSM. How do I guarantee that traffic goes up through the FWSM as expected instead of being routed via the MSFC directly to the target network?
10-20-2005 11:42 AM
A sample configuration look like this
security ACLs
set security acl ip postacl permit arp
set security acl ip postacl permit ip any any
10-20-2005 02:46 PM
The vlans that need to be FWSM-protected should be configured at Layer 3 on the FWSM only, not on the MSFC. Assign them to the FWSM in the switch configuration and it should take care of itself. Make sure that the MSFC has routes to the networks behind the FWSM and vice versa- it's behaving as another router in this configuration.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide