06-25-2005 04:43 AM - edited 03-09-2019 11:40 AM
I have a FWSM running 2.3(1). i want to limit traffic for certain networks. Can it be done in routed mode? Iwill be thankful for any suggested configs.
06-25-2005 07:02 AM
If you want to do traffic shaping as in CAR/QoS shaping/policing, then you can't do it in the FWSM. This is a not a firewall-task. You'll have to do it in the Supervisor/MSFC or in a different router/switch.
If you want to limit traffic as in ACL's and firewall rules, then you can.
06-25-2005 08:51 AM
thank you .
Its the ACLs which i am intrested in. Can u suggest any sample configuration of traffic shaping through ACLs in FWSM
thanks again
06-25-2005 09:08 AM
I am still not sure if I have understood what you want.
When you write "shaping" I understand this as "I want to limit the network a.b.c.d to only use 2Mbps but, the network d.e.f.g should get 4 Mbps". If this is what you want, the FWSM can't do it.
If you want to do like "I want to limit the network a.b.c.d to only access the internet on HTTP (TCP port 80), but the network d.e.f.g should be allowed HTTPS (TCP port 443) as well", then the FWSM can do it (and much more).
See here for an example configuration:
06-25-2005 10:09 AM
Thanks Johansen....I got the answer ..I ment the first one.I wanted to limit the bandwidth usage of a network.
In my scenario FWSM is in routed mode and MSFC is doing more of a Layer2 Job... Can bandwidth usage limitation for a network be done on MSFC if not on FWSM , in my scenario?
06-25-2005 10:44 AM
Well.. it depends on your layout, hardware and OS..
Check these links (look for Policing) for more info:
http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00801c8c4b.shtml
08-15-2005 10:08 AM
i have gone through the above links. I have few quarries. My layout is like I create L2 VLANs in MSFC and map them on to the FWSM. As hardware I have a MSFC3 and PFC3A. MSFC runs on IOS 12.2(18)SXD3.
Is the above setup enough for policing traffic on my L2 VLANs/ethernet ports or I need PFC3B/PFC3BXL as hardware? Is PFC3B/PFC3BXL a hardware feature or soft configurable operation mode for PFC?
If the above setup is sufficiant can u suggest some sample configurations?
Please advise on the same so that i go in the right direction
regards
Ashish
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide