Add vlan in FWSM

Unanswered Question
Oct 7th, 2009
User Badges:

hi,


Newbie question here. how can i add a vlan to a fwsm module. What are the steps i should do? And also, can i directly assign the vlan i add to fwsm directly to a switchport (i.e. access switch)


thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Wed, 10/07/2009 - 03:57
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Roselyn


It depends on whether you already have vlans assigned to the firewall or not. If you do then simply add the vlan you want to assign ie.


firewall vlan-group 20 11,12,16 <-- the vlan you added was 16, and firewall vlan-group 20 already existed in the 6500 config with vlans 11,12 already assigned.


If you haven't assigned any yet then you need an additional step ie.


firewall vlan-group 20 16

firewall module 7 vlan-group 20


where 7 in the firewall module command is the slot the FWSM is in in your 6500 chassis. See this link for full details -


http://www.cisco.com/en/US/docs/security/fwsm/fwsm31/configuration/guide/switch_f.html#wp1175820


"And also, can i directly assign the vlan i add to fwsm directly to a switchport (i.e. access switch)"


Yes you can ie. you have a vlan you want to firewall. You assign it to the firewall as above, configure the FWSM and then allocate the switchports of the devices you want to firewall to that vlan.


Jon

Actions

This Discussion