I have a few basic question with respect to having a pair of 6509 with FWSM modules. Prior to this, I have worked with Checkpoint and that was sometime back.
Just want to to confirm on the following :-
i) Since I have a pair of FWSM, I need to create the same rules to both the FWSM context right ?
ii) I am using the ASDM to make changes and after the rules are created under the 'Access Rules' tab, I need to save it and then apply' it for it to become
Would this be correct ? Is there anything else that I should know that I have not stated ?
ad1. In failover you need to apply changes only on one (active) unit or one (active) context.
You can check "show failover" to understand whether you are on active unit/conext (cli available both in system and separate contexts)
ad2. You need to do only "apply" in ASDM which will send command to FWSM. "save" will write changes to memory - those changes will persist over reload.
Hope that helps,