cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
414
Views
0
Helpful
1
Replies

FWSM: (nat0, nat1) Routing from MSFC

s.srivas
Level 1
Level 1

Hi

Traffic that is coming from the MSFC is not seen by FWSM. (Routed mode.)

Monitored the MSFC vlan 4094 interface (traffic was seen) and monitored the FWSM interface outside on VLAN 4094 (traffic was not seen).

This is nat 0 traffic and equal security levels are set on FWSM. Other natted traffic is working fine too.

Help would be appreciated.

SS

1 Reply 1

wdrootz
Level 4
Level 4

This problem occurs when the VLAN and the firewall-group command are not added to the Multilayer Switch Feature Card (MSFC) prior to the addition of VLAN interfaces to the Cisco Firewall Services Module (FWSM).

Add the VLAN and the firewall-group command to the MSFC before VLAN interfaces are added to the FWSM.

To add the firewall-group command, remove the interface from the FWSM and reapply the command on the MSFC. Then, re-add the interface and name the if statements to the FWSM. Now, the Switch Virtual Interface (SVI) successfully passes data between the MSFC and the FWSM.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: