FWSM Sample Config

Jan 30th, 2008


In the core switches we have an FWSM module installed, with HSRP running between the 2 switches. In the core, 2 VLANs are created: 1 for servers and another for IP phones.

There will be 110 VLANs created on the individual distribution switches.

Can someone guide me on how to configure the FWSM in this case so that all traffic destined for the servers connected to the core switch is filtered by the FWSM?

The core and distribution switches are connected via a trunk link.

ohanusi2000 Wed, 01/30/2008 - 04:44

Hi ,

The basic requirement is to make sure that there is no layer 3 connection between the inside, outside or DMZ interfaces in the MSFC routing layer of your switch.

The interconnection should be through the FWSM module.

Easy way:

Assign the VLAN to the firewall module.

Make sure the default gateway of the DMZ and inside is on the firewall module.

Do not configure any interface VLAN for the inside and DMZ interfaces on the MSFC routing card.
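
An added example, not part of the reply above and not Cisco tooling: a Python check for the last step of that reply, flagging firewall-assigned inside/DMZ VLANs that still have a routed SVI on the MSFC and would therefore bypass the FWSM. The sample config, VLAN numbers and function names are constructed for illustration.

```python
import re

# Constructed MSFC running-config excerpt (not from the thread).
SAMPLE_CONFIG = """\
firewall module 3 vlan-group 1
firewall vlan-group 1 10,20-21
!
interface Vlan10
 description outside link between MSFC and FWSM
 ip address 10.0.10.1 255.255.255.0
!
interface Vlan20
 ip address 10.10.10.1 255.255.255.0
!
interface Vlan21
 no ip address
"""

# Expand a VLAN list such as "10,20-21" into {10, 20, 21}.
def expand_vlans(spec):
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

# VLANs handed to the firewall module via "firewall vlan-group" lines.
def firewall_vlans(config):
    vlans = set()
    for m in re.finditer(r"^firewall vlan-group \d+\s+(\S+)", config, re.M):
        vlans |= expand_vlans(m.group(1))
    return vlans

# VLAN interfaces (SVIs) that carry an IP address, i.e. are routed by the MSFC.
def routed_svis(config):
    svis, current = set(), None
    for line in config.splitlines():
        m = re.match(r"interface Vlan(\d+)", line)
        if m:
            current = int(m.group(1))
        elif not line.startswith(" "):
            current = None  # left the interface stanza
        elif current is not None and re.match(r"\s+ip address \d", line):
            svis.add(current)  # " no ip address" does not match
    return svis

# Protected (inside/DMZ) VLANs that sit behind the FWSM yet are also routed
# on the MSFC; "protected" is supplied by the operator (an assumption here).
def bypass_svis(config, protected):
    return sorted(firewall_vlans(config) & routed_svis(config) & set(protected))
```

With the constructed sample, passing VLANs 20 and 21 as the protected set reports VLAN 20, whose SVI would let traffic route around the firewall module.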


acharyr123 Wed, 01/30/2008 - 05:03

I believe I was not clear to you.

I need to create 2 VLANs in the core. All distributions will be connected to the core via an L3 link. In the core, say VLAN 2 will be created with, say, 10.10.10.X/24. All distributions will be created with VLAN 2 with .3, .4 etc. with a /24 subnet.

All other user VLANs will be created on the corresponding distribution switches.

In this scenario, what should the config on the FWSM be?

