02-11-2008 07:29 AM - edited 03-11-2019 05:01 AM
Hi all,
Can we use a single Virtual Context for filtering traffic from Multiple VLANs?. It should be any how possible b/c we are having a license of only 20 or 22 Virtual Contexts & lots Customer VLANs.
I tried to make a 2nd SVI(int Vlan56) an Internal interface but its not working......... Do help me out so that this context(Companyxyz-Internal) fiters traffic for multiple VLANs.
FWSM Firewall Version 3.2(2)
CFWSM-FW# sh run
interface Vlan30
description CUSTOMER-1
!
interface Vlan50
description External
interface Vlan56
description CUSTOMER-2
admin-context Companyxyz-Internal
context Companyxyz-Internal
description admin-context Companyxyz-Internal
allocate-interface Vlan30
allocate-interface Vlan56
allocate-interface Vlan50
config-url disk:/Companyxyz-Internal
join-failover-group 1
CFWSM-FW# changeto context Companyxyz-Internal
CFWSM-FW/Companyxyz-Internal#sh run
interface Vlan30
nameif inside
security-level 100
ip address 172.16.33.1 255.255.255.0 standby 172.16.33.2
!
interface Vlan50
nameif outside
security-level 0
ip address 172.16.66.4 255.255.255.248 standby 172.16.66.5
interface Vlan56
no nameif
no security-level
no ip address
CFWSM-FW/Companyxyz-Internal(config)# int vlan 56
**** WARNING ****
Configuration Replication is NOT performed from Standby unit to Active unit.
Configurations are no longer synchronized.
CFWSM-FW/Companyxyz-Internal(config-if)# nameif inside
WARNING: VLAN *56* is not configured.
ERROR: Name "inside" has been assigned to interface Vlan51
CFWSM-FW/Companyxyz-Internal(config-if)#
Regards,
Akhtar
02-11-2008 01:12 PM
Couple things.
It looks like you are trying to add the new config to the standby unit which is causing the first error.. and 2nd ... Did you add vlan 56 to the firewall vlan-group statement on the supervisor?
should look something like
firewall vlan-group 1 30,50,56
02-11-2008 08:20 PM
Vlans are already added to Firewall vlan-group......
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide