09-25-2009 07:34 AM - edited 03-06-2019 07:53 AM
I have a 2811 router with a single BVI to a 2960 switch with 3 VLANs. There is a transparent firewall on the 2811 router. Currently, traffic between 2 nodes on the same VLAN segment traverses the transparent firewall, causing latency. Is there a way to configure the VLAN on the switch such that traffic will not be passed through the firewall when not leaving the VLAN?
For example, a LAN-based Nessus scan of hosts on VLAN1 from a port on VLAN1 causes the utilization on the router memory and processor to reach 100%.
Thanks,
Dave
09-25-2009 09:02 AM
Are you running CBAC or a zone based firewall? Where is the policy for the firewall applied?
HTH,
John
09-25-2009 09:11 AM
Zone-based firewall; the policy is applied to the BVIs, such as:
policy-map type inspect BVI1