Floor vlans with FWSM

Unanswered Question
Aug 14th, 2007
User Badges:

Dear All,

I have sevaral vlans one each per floor configured on 6513 switch.Now i have to configure the FWSM for those vlans to do the intervlan communication and also i have vlan 20 for management purpose.

Please give the FWSM configuration for those vlans.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
rigoberto.cintr... Tue, 08/14/2007 - 06:41
User Badges:

If you want the traffic between thos vlans to be inspected by the FWSM( which i don't recomend) you will have to create a vlan interface for each vlan in the FWSM with security levels and the appropiate rules. The way I'll do it will be creating a SVI for each vlan in the MFSC with a default route point to the inside interface ip address of the FWSM.

arumugasamy Tue, 08/14/2007 - 23:53
User Badges:


I need same security level config for all the vlans in the fwsm then one vlan conect to the outside perimeter firewall.

rigoberto.cintr... Wed, 08/15/2007 - 04:39
User Badges:

If you create a vlan interface for every vlan in the FWSM using the same security levels on every interface and use the same-security-traffic permit inter-interface command you still have to create rules for every vlan interface in the FWSM to allow the traffic between the vlan's.

rigoberto.cintr... Wed, 08/15/2007 - 04:50
User Badges:

Another disadvantage is that if you use FWSM to do all the routing for your vlan's the Bandwidth and packets per seconds it's degraded from 32-720Gbps to 5.5Gbps and 15-400Mpps to 2.8Mpps. If you really need to use a firewall between every vlan then do it that way.


This Discussion