FWSM: (nat0, nat1) Routing from MSFC

Unanswered Question
Dec 12th, 2007
User Badges:

Hi


Traffic that is coming from the MSFC is not seen by FWSM. (Routed mode.)

Monitored the MSFC vlan 4094 interface (traffic was seen) and monitored the FWSM interface outside on VLAN 4094 (traffic was not seen).


This is nat 0 traffic and equal security levels are set on FWSM. Other natted traffic is working fine too.


Help would be appreciated.


SS


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
wdrootz Wed, 12/19/2007 - 08:56
User Badges:
  • Bronze, 100 points or more

This problem occurs when the VLAN and the firewall-group command are not added to the Multilayer Switch Feature Card (MSFC) prior to the addition of VLAN interfaces to the Cisco Firewall Services Module (FWSM).


Add the VLAN and the firewall-group command to the MSFC before VLAN interfaces are added to the FWSM.


To add the firewall-group command, remove the interface from the FWSM and reapply the command on the MSFC. Then, re-add the interface and name the if statements to the FWSM. Now, the Switch Virtual Interface (SVI) successfully passes data between the MSFC and the FWSM.


Actions

This Discussion