Hi,
can someone explain the functionality of the FWSM traffic classifier in depth?
We have a complex FWSM config with around 40 contexts and 20 shared interfaces between most of the contexts.
To enable
- inter-context communication over shared vlans
- cascaded context configuration (well-known outside networks -> contextA -> context[1..n]->DMZ dedicated to context n)
each source address/network must be configured through static NAT (in our case static identity NAT) as
- inside static (DMZ contexts)
- outside static (on contextA when cascading contexts)
How does the distribution logic work when the MSFC has a layer 3 VLAN interface on a shared VLAN?
The networks behind contexts (DMZ) that are attached to the shared VLAN will be known through statics, but what logic forces the FWSM to use the MSFC interface?
For inter-context communication over a shared VLAN:
- what happens to routing? Do I really need static routes to all DMZ networks? (My experience says yes, but why, if only statics will be used?)
The documentation states that the classifier does not care about routes; only VLANs or XLATEs are used by the classifier.
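A simplified model of the classification rule the post quotes from the documentation (a VLAN owned by one context wins outright; on a shared VLAN only the mapped addresses of static NAT entries are consulted; routes are ignored), added here as an illustration and not part of the original post or of any Cisco code. The topology, context names, VLAN numbers and addresses are constructed.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

@dataclass
class Context:
    """One FWSM security context: its allocated VLANs and, per VLAN, the
    mapped (global-side) networks of its static NAT commands."""
    name: str
    vlans: frozenset
    statics: dict = field(default_factory=dict)  # vlan -> [mapped network, ...]

def classify(contexts, ingress_vlan, dst_ip):
    """Return the name of the context that receives a packet arriving on
    ingress_vlan for dst_ip, or None if the classifier drops it.
    Modelled rule (simplified): a VLAN allocated to exactly one context wins
    outright; on a shared VLAN only static mapped addresses are consulted;
    routes (including the MSFC's) play no part."""
    owners = [c for c in contexts if ingress_vlan in c.vlans]
    if len(owners) == 1:
        return owners[0].name
    dst = ip_address(dst_ip)
    matches = [c for c in owners
               if any(dst in ip_network(n) for n in c.statics.get(ingress_vlan, []))]
    # Zero matches: nobody claimed the destination (e.g. only an MSFC route knows it).
    # Two or more: overlapping statics, ambiguous. Both cases are dropped.
    return matches[0].name if len(matches) == 1 else None

# Constructed topology: VLAN 100 is contextA's unique outside; VLAN 200 is the
# shared inside of contextA and the outside of two cascaded DMZ contexts.
CONTEXTS = [
    Context("contextA", frozenset({100, 200}),
            {200: ["203.0.113.0/24"]}),          # "outside static": well-known outside net
    Context("dmz1", frozenset({200, 301}),
            {200: ["10.1.0.0/24"]}),             # identity static for its DMZ network
    Context("dmz2", frozenset({200, 302}),
            {200: ["10.2.0.0/24"]}),
]

if __name__ == "__main__":
    print(classify(CONTEXTS, 100, "10.1.0.5"))     # contextA: VLAN 100 is unique
    print(classify(CONTEXTS, 200, "10.1.0.5"))     # dmz1: static on the shared VLAN
    print(classify(CONTEXTS, 200, "203.0.113.7"))  # contextA: outside static
    print(classify(CONTEXTS, 200, "10.9.0.1"))     # None: known only via an MSFC route
```

In this model a destination known only through a route, whether the context's own or the MSFC's, is never delivered on a shared VLAN; only a static mapped address gives the classifier a context to hand the packet to.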