Problems with a FWSM Catalyst6509

Unanswered Question
Jan 19th, 2009

Hi. I have a problem with VLAN that is in a FWSM. This belongs to Vlan computer rooms that have private address 172.16.0.0 mask 255.255.248.0, the IP addres of the VLAN in the FWSM is 172.16.0.1 - 1 months since I am experiencing the PING between PC's of the rooms I was lost and hence the connection to the server in the halls, which belong to the same IP range, you can not do. The strange thing is that when I disconnect the link from the edge switch rooms and Core6509, traffic is restored in the rooms, obviously there is no Internet access, but can access the servers and give PING between PC's rooms. Someone who has had this problem and learn how you can help me solve it? I reconfigured the FWSM VLAN but the problem persists. Thank you very much. (I'm sorry with my english that is no perfect)

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
umedryk Sun, 01/25/2009 - 10:14

The problem might be the mismatch VLAN assignment across the firewall (FWSMs and supervisors). For example, in the Firewall vlan-group 1 statement, the same number of VLANs assigned on each switch to the firewall can vary. This might cause the issue. If you assign the same number of VLANs in the firewall, then failover will work.

Note: For failover to work, the FWSM requires identical configurations and port assignments. It is possible to do inter-chassis failover, but each VLAN assigned to the firewall must be in the trunk between the two chassis.

FWSM does not include any external physical interfaces. Instead, it uses VLAN interfaces. Assigning VLANs to the FWSM is similar to assigning a VLAN to a switch port. The FWSM includes an internal interface to the Switch Fabric Module (if present) or the shared bus. For more information, refer to below URL:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm31/configuration/guide/switch_f.html#wp1175820

Be aware that the VLAN mapping can get modified during a working FWSM setup and will fail during next boot.

Actions

This Discussion