We have 2621XMs at a few of our sites
I am looking to purchase a 2621XM for a site that needs a DMZ and Internet connectivity. I am considering using the IOS firewall for now because the PIX is not an option (monetary constraints). I am looking at the 16 port switch module for the 2621XM.
fe0/0 --- LAN
fe0/1 --- WAN to other intRAnet sites
vlan 2 (physical ports 1-15) --- DMZ
vlan 3 (physical port 16) ------- Internet (CBAC, IDS, VPN)
Can I apply NAT, CBAC, IOS IDS, and terminate ipsec connections on the logical VLAN interface?