02-16-2007 06:38 AM - edited 03-11-2019 02:34 AM
Hi,
I'm linking my network core to a government agency. They are a bit paranoid and their cisco sale eng. sold them this concept.
His it even possible(I know it's ugly!). How is it possible ? The sale engineer told them it would all work in transparent mode!
02-16-2007 06:39 AM
02-16-2007 08:48 AM
Hi dominic
Doing this from memory as i don't have visio on this laptop but i did look at it earlier.
Without knowing the full requirements or reasoning behind the design it's difficult to comment too much. But one thing that does stand out is that you cannot chain security contexts and from memory that's what the diagram shows. From the 3.1 FWSM config doc:
==============================================
Note The FWSM does not support sharing the outside interface of one context with the inside interface of another context (known as cascading contexts). Traffic that is outbound from one context(from a higher to a lower security interface) can only enter another context as inbound traffic (lower to higher security); it cannot be outbound for both contexts, or inbound for both contexts.
==============================================
Are you going to accessing servers from all the contexts in the diagram ?
Jon
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: