Floor vlans with FWSM

Unanswered Question
Aug 14th, 2007

Dear All,

I have sevaral vlans one each per floor configured on 6513 switch.Now i have to configure the FWSM for those vlans to do the intervlan communication and also i have vlan 20 for management purpose.

Please give the FWSM configuration for those vlans.

Thanks

swamy

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
rigoberto.cintr... Tue, 08/14/2007 - 06:41

If you want the traffic between thos vlans to be inspected by the FWSM( which i don't recomend) you will have to create a vlan interface for each vlan in the FWSM with security levels and the appropiate rules. The way I'll do it will be creating a SVI for each vlan in the MFSC with a default route point to the inside interface ip address of the FWSM.

arumugasamy Tue, 08/14/2007 - 23:53

Dear

I need same security level config for all the vlans in the fwsm then one vlan conect to the outside perimeter firewall.

rigoberto.cintr... Wed, 08/15/2007 - 04:39

If you create a vlan interface for every vlan in the FWSM using the same security levels on every interface and use the same-security-traffic permit inter-interface command you still have to create rules for every vlan interface in the FWSM to allow the traffic between the vlan's.

rigoberto.cintr... Wed, 08/15/2007 - 04:50

Another disadvantage is that if you use FWSM to do all the routing for your vlan's the Bandwidth and packets per seconds it's degraded from 32-720Gbps to 5.5Gbps and 15-400Mpps to 2.8Mpps. If you really need to use a firewall between every vlan then do it that way.

Actions

This Discussion