08-14-2007 06:19 AM - edited 03-11-2019 03:57 AM
Dear All,
I have sevaral vlans one each per floor configured on 6513 switch.Now i have to configure the FWSM for those vlans to do the intervlan communication and also i have vlan 20 for management purpose.
Please give the FWSM configuration for those vlans.
Thanks
swamy
08-14-2007 06:41 AM
If you want the traffic between thos vlans to be inspected by the FWSM( which i don't recomend) you will have to create a vlan interface for each vlan in the FWSM with security levels and the appropiate rules. The way I'll do it will be creating a SVI for each vlan in the MFSC with a default route point to the inside interface ip address of the FWSM.
08-14-2007 11:53 PM
Dear
I need same security level config for all the vlans in the fwsm then one vlan conect to the outside perimeter firewall.
08-15-2007 04:39 AM
If you create a vlan interface for every vlan in the FWSM using the same security levels on every interface and use the same-security-traffic permit inter-interface command you still have to create rules for every vlan interface in the FWSM to allow the traffic between the vlan's.
08-15-2007 04:50 AM
Another disadvantage is that if you use FWSM to do all the routing for your vlan's the Bandwidth and packets per seconds it's degraded from 32-720Gbps to 5.5Gbps and 15-400Mpps to 2.8Mpps. If you really need to use a firewall between every vlan then do it that way.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: