Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1036
Views
8
Helpful
9
Replies

Unknown interface vlan on fwsm

cfajardo1_2
Level 1
Level 1

‎03-17-2008 04:59 AM - edited ‎03-09-2019 08:19 PM

ive done the ff. on the msfc

firewall module 2 vlan-group 1

firewall vlan-group 1 100,200,300

interface Vlan100

no ip address

!

interface Vlan200

no ip address

shutdown

!

interface Vlan300

no ip address

shutdown

BUT WHEN I DO THE FF ON THE FWSM

int vlan 300

i get the foloowing

FWSM# conf t

FWSM(config)# int vlan 300

Unknown interface vlan.

the fwsm is not recognizing my vlan. what is missing?

thanks

Labels:
0 Helpful
9 Replies 9

Jon Marshall
Hall of Fame
Hall of Fame

‎03-17-2008 05:12 AM

Hi

Have you created the vlans at Layer 2 ie. if you do a "sh vlan" on the 6500 do you see your vlans ?

You do not create layer 2 vlans by entering

int vlan300

no ip address

shutdown.

If you want vlan 300 to be firewalled then please

1) remove the "interface vlan 300" from the 6500 ie.

6500(config)# no interface vlan 300

2) Add the vlan at layer 2 on the 6500 ie.

6500(config)# vlan 300

6500(config-vlan)# name vlan300

Do this for all vlans you want to firewall.

Jon

cfajardo1_2
Level 1
Level 1
In response to Jon Marshall

‎03-17-2008 05:27 AM

Router#sh firewall vlan-group 1

Group Created by vlans

----- ---------- -----

1 FWSM 100,200,300

sh vlan

100 vlan100 active

200 vlan200 active

300 vlan300 active

but still the same on fwsm

FWSM(config)# int vlan 300

Unknown interface vlan.

FWSM(config)#

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to cfajardo1_2

‎03-17-2008 05:29 AM

Is yout firewall running in single mode or multiple context mode ?

Jon

0 Helpful

cfajardo1_2
Level 1
Level 1
In response to Jon Marshall

‎03-17-2008 05:37 AM

but on the fwsm sh vlan

FWSM# sh vlan

100, 200, 300

FWSM#

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to cfajardo1_2

‎03-17-2008 05:30 AM

Is yout firewall running in single mode or multiple context mode ?

Jon

cfajardo1_2
Level 1
Level 1
In response to Jon Marshall

‎03-17-2008 05:35 AM

i was just running single mode initialy

0 Helpful

cfajardo1_2
Level 1
Level 1
In response to Jon Marshall

‎03-17-2008 05:41 AM

FWSM Device Manager Version 4.1(5)

and i was just wondering why the nameif command is on the

FWSM(config)# nameif ?

Usage: nameif

no nameif [if_name] [security_lvl]

i was expecting it to be ion the interface mode

0 Helpful

cfajardo1_2
Level 1
Level 1
In response to Jon Marshall

‎03-17-2008 05:58 AM

another thing, the fwsm OS looks like old one

FWSM Version 2.3(4)

0 Helpful

cfajardo1_2
Level 1
Level 1
In response to Jon Marshall

‎03-17-2008 06:54 AM

JON...THIS IS AN IOS ISSUE...LUCKILYY I KNOW A BIT OF THE OLD PIX OS...IT WORKS BUT ILL LET CISCO UPGRADE IT...ITS HAVING PDM TOO

THANKS A LOT

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents