Virtual Context on CAT-6509E FWSM Module

Feb 11th, 2008

Hi all,

Can we use a single Virtual Context for filtering traffic from Multiple VLANs?. It should be any how possible b/c we are having a license of only 20 or 22 Virtual Contexts & lots Customer VLANs.

I tried to make a 2nd SVI(int Vlan56) an Internal interface but its not working......... Do help me out so that this context(Companyxyz-Internal) fiters traffic for multiple VLANs.

FWSM Firewall Version 3.2(2)

CFWSM-FW# sh run

interface Vlan30

description CUSTOMER-1


interface Vlan50

description External

interface Vlan56

description CUSTOMER-2

admin-context Companyxyz-Internal

context Companyxyz-Internal

description admin-context Companyxyz-Internal

allocate-interface Vlan30

allocate-interface Vlan56

allocate-interface Vlan50

config-url disk:/Companyxyz-Internal

join-failover-group 1

CFWSM-FW# changeto context Companyxyz-Internal

CFWSM-FW/Companyxyz-Internal#sh run

interface Vlan30

nameif inside

security-level 100

ip address standby


interface Vlan50

nameif outside

security-level 0

ip address standby

interface Vlan56

no nameif

no security-level

no ip address

CFWSM-FW/Companyxyz-Internal(config)# int vlan 56

**** WARNING ****

Configuration Replication is NOT performed from Standby unit to Active unit.

Configurations are no longer synchronized.

CFWSM-FW/Companyxyz-Internal(config-if)# nameif inside

WARNING: VLAN *56* is not configured.

ERROR: Name "inside" has been assigned to interface Vlan51




