Virtual Context on CAT-6509E FWSM Module

Unanswered Question
Feb 11th, 2008
User Badges:

Hi all,


Can we use a single Virtual Context for filtering traffic from Multiple VLANs?. It should be any how possible b/c we are having a license of only 20 or 22 Virtual Contexts & lots Customer VLANs.


I tried to make a 2nd SVI(int Vlan56) an Internal interface but its not working......... Do help me out so that this context(Companyxyz-Internal) fiters traffic for multiple VLANs.


FWSM Firewall Version 3.2(2)


CFWSM-FW# sh run


interface Vlan30

description CUSTOMER-1

!

interface Vlan50

description External


interface Vlan56

description CUSTOMER-2


admin-context Companyxyz-Internal

context Companyxyz-Internal

description admin-context Companyxyz-Internal

allocate-interface Vlan30

allocate-interface Vlan56

allocate-interface Vlan50

config-url disk:/Companyxyz-Internal

join-failover-group 1


CFWSM-FW# changeto context Companyxyz-Internal

CFWSM-FW/Companyxyz-Internal#sh run


interface Vlan30

nameif inside

security-level 100

ip address 172.16.33.1 255.255.255.0 standby 172.16.33.2

!

interface Vlan50

nameif outside

security-level 0

ip address 172.16.66.4 255.255.255.248 standby 172.16.66.5


interface Vlan56

no nameif

no security-level

no ip address


CFWSM-FW/Companyxyz-Internal(config)# int vlan 56

**** WARNING ****

Configuration Replication is NOT performed from Standby unit to Active unit.

Configurations are no longer synchronized.


CFWSM-FW/Companyxyz-Internal(config-if)# nameif inside

WARNING: VLAN *56* is not configured.

ERROR: Name "inside" has been assigned to interface Vlan51

CFWSM-FW/Companyxyz-Internal(config-if)#




Regards,


Akhtar


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
nedian123 Mon, 02/11/2008 - 20:20
User Badges:

Vlans are already added to Firewall vlan-group......

Actions

This Discussion