How to bypass the traffic from FWSM for the particular subnet

Unanswered Question
Aug 10th, 2007

I want to bypass all my internal traffic and external traffic from the FWSM for the particular subnet. I have a gateway connected to the external network and the FWSM core connected to the internal.

Jon Marshall Sat, 08/11/2007 - 01:42

Hi


Could you be a bit more specific about the topology? Generally speaking, if you want to bypass the FWSM, just create a layer 3 SVI on the MSFC and don't allocate the VLAN to the FWSM.


HTH


Jon

derawat28 Sun, 08/12/2007 - 18:32

Hi Jon,

Thanks for your reply.

Where do I need to create the L3 SVI, and how may I configure it? Please may I know some more details.

As far as the topology is concerned, it is as follows:

L2 switch > FWSM core (L3) > FWSM > Gateway (for the external).

I would very much appreciate it if you could brief me more clearly, as I am new to the FW stream.

Jon Marshall Mon, 08/13/2007 - 01:09

Hi


Which supervisor do you have in your 6500 switches?

Your topology:

L2 switch - is this the 6500 switch that the FWSMs are in, or is it a separate switch?

It's still unclear as to how your firewalling is set up.

An SVI is a VLAN interface on your 6500. So let's say you have a VLAN 100 that you do not want to go through the FWSM. On your 6500 switch:

interface vlan 100
 ip address x.x.x.x "subnet mask"
 no shut

But I need some more details to give you a proper solution.


Jon
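
A check that follows from the reply above, added here as an example and not part of any post in the thread: this Python script reads a 6500 running-config and lists the SVIs that the MSFC routes without the VLAN being allocated to the FWSM, which is the set of VLANs whose traffic is not inspected by the firewall. The sample config, VLAN numbers, addresses and function names are constructed for illustration.

```python
import re

# Constructed sample running-config (not taken from the thread).
SAMPLE_CONFIG = """\
firewall module 3 vlan-group 1,2
firewall vlan-group 1 10,20-22
firewall vlan-group 2 30
interface Vlan10
 ip address 10.0.10.1 255.255.255.0
interface Vlan100
 ip address 10.0.100.1 255.255.255.0
interface Vlan200
 ip address 10.0.200.1 255.255.255.0
 shutdown
"""

def expand(spec):
    """Expand an IOS list such as '10,20-22' into {10, 20, 21, 22}."""
    ids = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        ids.update(range(int(lo), int(hi or lo) + 1))
    return ids

def firewalled_vlans(config):
    """VLANs in a vlan-group that is actually assigned to a firewall module."""
    groups, assigned = {}, set()
    for line in config.splitlines():
        if m := re.match(r"firewall vlan-group (\d+) (\S+)", line):
            groups.setdefault(int(m.group(1)), set()).update(expand(m.group(2)))
        elif m := re.match(r"firewall module \d+ vlan-group (\S+)", line):
            assigned |= expand(m.group(1))
    return set().union(*(groups.get(g, set()) for g in assigned))

def routed_svis(config):
    """VLAN ids whose SVI has an IP address and is not shut down."""
    svis, current = {}, None
    for line in config.splitlines():
        if m := re.match(r"interface Vlan(\d+)", line, re.I):
            current = svis.setdefault(int(m.group(1)), set())
        elif not line.startswith(" "):
            current = None  # left the interface stanza
        elif current is not None:
            current.add(line.strip())
    return {v for v, cmds in svis.items() if "shutdown" not in cmds
            and any(c.startswith("ip address ") for c in cmds)}

def bypassing_vlans(config):
    """SVIs the MSFC routes directly, i.e. VLANs not handed to the FWSM."""
    return sorted(routed_svis(config) - firewalled_vlans(config))

if __name__ == "__main__":
    print(bypassing_vlans(SAMPLE_CONFIG))
```

Any VLAN this reports is reachable through the MSFC with no FWSM policy applied, so each entry should match a documented exception and carry its own ACL on the SVI if filtering is still required.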

derawat28 Mon, 08/13/2007 - 01:37

Hi Jon,


Many thanks for your prompt reply.

My topology is like this: the L2 (DMZ switch) is connected to the core switch (6509), the core switch is connected to the FWSM core router (L3), and logically the FWSM core router (L3) is connected to the gateway for the external area. The FWSM resides between the FWSM core router (L3) and the gateway. We have a physical connection towards the gateway from the DMZ switch.

We are using version 12.2 for the FWSM core router (L3) and version 3.1(6) for the FWSM.

Inside the L2 DMZ switch we are using sup2.

I believe you will now have a clearer picture.


Thanks in advance,

Regards,

Devender Rawat

rigoberto.cintr... Mon, 08/13/2007 - 12:28

How many FWSMs does the 6509 have?

Is the external gateway connected in the VLAN that is defined as the outside?

Is the subnet that you want to bypass part of the inside VLAN?

derawat28 Mon, 08/13/2007 - 19:39

Hi Jon,


Thanks once again. We have only one FWSM in the 6509, and the traffic which we need to bypass is inside traffic. Also, whenever any traffic comes from outside for the VLAN, that should also bypass the FWSM.


I am sorry if anything is still unclear to you.


Thanks,

Regards,

Devender
