C6509, FWSM Failover, C3560G, Vlans

Unanswered Question
Apr 29th, 2010
User Badges:

Hi,



I have the folowing network scenario:


In the central node:

   1 Catalyst 6509

   2 FWSM (failover and routed mode configured)


In the remote locations:

    1 Catalyst 3560G


I want to have more than one vlans behind catalyst 3560G switches.

How i configure the firewall and the routing between FWSM and C3560G?



Scenario is presented in the attached draft (tested for one vlan).


Thank you.

Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
Jon Marshall Thu, 04/29/2010 - 10:36
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

ioan_ploscariu wrote:


Hi,



I have the folowing network scenario:


In the central node:

   1 Catalyst 6509

   2 FWSM (failover and routed mode configured)


In the remote locations:

    1 Catalyst 3560G


I want to have more than one vlans behind catalyst 3560G switches.

How i configure the firewall and the routing between FWSM and C3560G?



Scenario is presented in the attached draft (tested for one vlan).


Thank you.


Not sure what your query is ?


Is the 3560G routing the vlans or are they meant to be routed on the FWSM ?


Jon

ioan_ploscariu Fri, 04/30/2010 - 04:50
User Badges:

I want the FWSM to make NAT for vlans even if one firewall module failed and the PC behind switches  to have internet access through firewall module.


How i configure the firewalls and the switches to make this happen?


Thank you.

Ganesh Hariharan Fri, 04/30/2010 - 05:20
User Badges:
  • Purple, 4500 points or more
  • Community Spotlight Award,

    Member's Choice, February 2016

I want the FWSM to make NAT for vlans even if one firewall module failed and the PC behind switches  to have internet access through firewall module.


How i configure the firewalls and the switches to make this happen?


Thank you.


Hi ,


For above requirement create a trunk configuration between 3560G and 6509 switch and push those vlans into FWSM,Drop the gateways of the pc to FWSM vlan interface and drop a reverse route for vlan subnet towards the switch side.


For failover configuration on FWSM Active/passive check out the below link

http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/asdm52f/user/guide/switch.pdf


For natting configuration in FWSM check out the below link


http://www.cisco.com/en/US/docs/security/fwsm/fwsm22/configuration/guide/quick.html


Hope to help !!


Ganesh.H


Remember to rate the helpful post

Actions

This Discussion

Related Content