One context behind the other with shared Vlan in FWSM

Unanswered Question
Jan 12th, 2010
User Badges:

Is it possible to put one context behind the other in FWSM to make it 2-Layers of security.So the traffic will hit C1 first and then

goes to C2.The outside of C2 and inside of C1 are shred interface, single Vlan.The outside of C1 goes to MSFC.Has anybody tried that...


Sanjay

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Wed, 01/13/2010 - 05:08
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

sanjay.sangwan wrote:


Is it possible to put one context behind the other in FWSM to make it 2-Layers of security.So the traffic will hit C1 first and then

goes to C2.The outside of C2 and inside of C1 are shred interface, single Vlan.The outside of C1 goes to MSFC.Has anybody tried that...


Sanjay


Sanjay


This is known as cascading contexts and no it is not possible on the FWSM. From the FWSM 4.0 configuration guide -



Note The FWSM does not support sharing the outside interface of one context with the inside interface of another context (known as cascading contexts). Traffic that is outbound from one context (from a higher to a lower security interface) can only enter another context as inbound traffic (lower to higher security); it cannot be outbound for both contexts, or inbound for both contexts.



Full link -


FWSM contexts


Jon

Actions

This Discussion