Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1534
Views
0
Helpful
2
Replies

how many FWSM in VSS (6509-E) ?

emil.krajci
Level 1
Level 1

‎03-16-2010 12:12 PM - edited ‎03-06-2019 10:10 AM

Hi,

We will be implementing  VSS with FWSM.

How many FWSM modules do we need for this configuration?

  >> one FW module per 6509-E at minimum or can we use only one FWSM per VSS ?

I have tried to find any recomendation on cisco doc , but without success, all the time I found redundant FWSM but question is : IS one FWSM module per VSS enough or what critical issue could arise here?

A problem can appear when active node with fwsm module fails

could someone shed some light here please?

thx

emilio

Labels:
0 Helpful
2 Replies 2

Reza Sharifi
Hall of Fame
Hall of Fame

‎03-16-2010 12:27 PM

Hi Emilio,

You need one FWSM in each chassis and they both need to be in the same vlan.

pod2-vss#sh run

Building configuration...

firewall switch 1 module 5 vlan-group 5

firewall switch 2 module 5 vlan-group 5

Have a look at this document:

http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps9336/white_paper_c11_513360.html

HTH

Reza

0 Helpful

emil.krajci
Level 1
Level 1
In response to Reza Sharifi

‎03-20-2010 01:53 AM

Hi all,

I have wrote with Cisco and this is a result :

one FW module per 6509-E at minimum or can we use only one FWSM per VSS ?

-You can have just one FWSM in the Active . You don’t need to have it as mandatory in the Standby as well . But you won’t have redundancy as there would be only single FWSM

Other question

(one  FWSM per VSS)

[DC A [nodes R1 and R2] and DC B [nodes R3 and R4] from left to right]

DWDMs link is configured from R1<->R3 and R2<->R4and 2x10 Gb link between R1 <> R2 and R3 <> R4 in each DC

so if FWSM on R1 fails all traffic from DC A will be forwarded to FWSM at DC B on R3 , so during maintenance all traffic for FWSM will be handled by DWDM link.

(2  FWSMs per VSS and cluster of four FWSM)

Server are configured as clusters with primary cluster node at DC A and standby cluster node at DC B

I need configure one FW cluster with ONE IP regarding to server clusters, which are Active at DC A and standby at DC B.

For this reason they need one unique IP address as DG, without 1 IP, server cluster conf is useless

question is :It is desired that both cluster nodes have same DG configured

answer : this  is not possible

I hope this helps someone.

Preview file
25 KB
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card