Yes -


but not directly from the FWSM. the FWSM simply becomes part of the switch, using its trunks, backplane, and forwarding logic to make a firewall ON THE SWITCH...


so to do this, simply assign the vlans to the FWSM on the switch in question with the switch fwsm commands


firewall module 4 vlan-group 2

firewall vlan-group 2 333,352


then configure a trunk to the other switch such as


int g1/48

switchport

switchport trunk encapsulation dot1q

switchport mode trunk

switchport trunk native vlan 999

switchport trunk allowed vlan 333,352


You now have the functionality you require.


just make sure you create the vlans..


vlan 333

vlan 352


etc.



The receiving switch can do what ever it wants with the tagged frames, put them on to router access ports, server access ports, etc.


-Joe



oops i read trunk and you said etherchannel.


same thing;


just tie two or more dedicated ports for an etherchannel trunk so like i had before but,


int range g1/47-48

channel-group 1 mode desirable


int port-channel1

switchport

switchport trunk en do

switchport trunk mode des

switchport trunk allowed vlan 333,352


-Joe

Actions

This Discussion