I got a question regarding Zone Based Firewall and service module on a 3925 router. In fact, i want to acquire à 3925 router with the Security plus license to implement ZBF and filter inter-vlan traffic and especially inside-->outside traffic. The 3925 will be added a Service Module SM-ES3G-16-P to implement routed port (physical) and SVI (Switched Virtual Circuit).
In fact each VLAN will be connected to an SVI according to this figure :
My question are pretty simple :
Is it possible to created ZBF rules and specified the SVIs attached to the service module (ZBF won't apply only on the 3 integrated interfaces of the 3925) ?
I also want to know if it is possible to implement WCCP on SVI located in the inside area ?
A cisco sale representative (cisco.com chat) told me that ZBF and EtherSwitch service module are compatible but I might say i really doubt on that as the service module runs on a different IOS than the hosting router.
Has anyone an done such a design ?
I also saw that EHWIC module are available and compatible with SVI but restricted to a maximum of 15 SVI per module. Can anyone confirm that ?
Do you use Cisco DNA Center? Have you used and are you willing to provide your feedback in using the Cisco DNA Center help and documentation?
If so, we’d like you to complete the survey linked below. Your feedback will help provide more effective and easi...
Listen: https://smarturl.it/CCRS9E18Follow us: https://twitter.com/CiscoChampion Reaching the height of your career is no simple feat. It often requires a combination of pursuing the right education, building the right professional network and being ...
In a typical production SD-WAN deployment, we would probably have many remote sites connected via many different Internet connections to a centralized data center or a regional hub. In most regions in the world, Internet providers will always use some typ...