Virtual Context on CAT-6509E FWSM Module

Unanswered Question
Feb 11th, 2008

Hi all,

Can we use a single Virtual Context for filtering traffic from Multiple VLANs?. It should be any how possible b/c we are having a license of only 20 or 22 Virtual Contexts & lots Customer VLANs.

I tried to make a 2nd SVI(int Vlan56) an Internal interface but its not working......... Do help me out so that this context(Companyxyz-Internal) fiters traffic for multiple VLANs.

FWSM Firewall Version 3.2(2)

CFWSM-FW# sh run

interface Vlan30

description CUSTOMER-1

!

interface Vlan50

description External

interface Vlan56

description CUSTOMER-2

admin-context Companyxyz-Internal

context Companyxyz-Internal

description admin-context Companyxyz-Internal

allocate-interface Vlan30

allocate-interface Vlan56

allocate-interface Vlan50

config-url disk:/Companyxyz-Internal

join-failover-group 1

CFWSM-FW# changeto context Companyxyz-Internal

CFWSM-FW/Companyxyz-Internal#sh run

interface Vlan30

nameif inside

security-level 100

ip address 172.16.33.1 255.255.255.0 standby 172.16.33.2

!

interface Vlan50

nameif outside

security-level 0

ip address 172.16.66.4 255.255.255.248 standby 172.16.66.5

interface Vlan56

no nameif

no security-level

no ip address

CFWSM-FW/Companyxyz-Internal(config)# int vlan 56

**** WARNING ****

Configuration Replication is NOT performed from Standby unit to Active unit.

Configurations are no longer synchronized.

CFWSM-FW/Companyxyz-Internal(config-if)# nameif inside

WARNING: VLAN *56* is not configured.

ERROR: Name "inside" has been assigned to interface Vlan51

CFWSM-FW/Companyxyz-Internal(config-if)#

Regards,

Akhtar

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion