×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

firewall trust and untrust interface in same cat4500

Unanswered Question
May 22nd, 2014
User Badges:

Hi

I want test FW infrastracture using a cat4500.

The firewall trust site is vlan 111 and the untrust site is vlan 222. 

I use two linux boxes for testing, and one in vlan 111, another one in vlan 222. and they are all connect to a cat4500 switch, which one port configured as vlan 111 and another port configure as 222.  I hope it will present the face that one linux behind firewall and one on another site.

when I push traffic through, are they will all go through the FW, or only first few packet go through FW and rest just go from one port to another directly?

my purpose is testing FW capacity.

It is a simple question, but, I am confused now.

Any comments will be appreciated

 

Thanks in advance

julxu

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Reza Sharifi Fri, 05/23/2014 - 10:49
User Badges:
  • Super Bronze, 10000 points or more
  • Cisco Designated VIP,

    2017 LAN

Hi,

As long as the devices are configured correctly, the device sitting behind the firewall will send all packet to the firewall first and out to the other host.

HTH

Actions

This Discussion