I want to configure FWSM in a 6509 switch as an internal firewall:
I have the below doubts about FWSM configuration:
To log in to FWSM, I can go to the particular session slot ..no proc ..no
and log in with username and password.
Below is my scenario:
I have a couple of VLANs that are configured on the same 6509 switch, and now I want to apply some policy like restricting inter-VLAN communication for some VLANs and restricting some virtual port for some server to access. How do I achieve it?
As I have gone through some documents, it is mentioned that I need to create the VLAN (which I need to restrict for some applications) in the FWSM module instead of the 6509 switch, and there I need to configure whichever policies I need and then apply them on the particular interface VLAN (SVI VLAN).
Is that so?
Or I can create the VLAN as it is in the 6509 switch only, and after creating the group in FWSM, I will have to add the VLAN (which I need to restrict for some applications) to that group.
My main purpose in adding the FWSM module is that I need to restrict some VLANs from accessing some network applications, as well as inter-VLAN communication or server access.
How do I configure it?
It would be a great help for me to go ahead and configure it after understanding.
You can create a new VLAN and assign it to the FWSM, or you can assign an existing VLAN to the FWSM, but if you assign an existing VLAN to the FWSM to be firewalled then you must remove the L3 SVI for that VLAN. See this thread for a guide on how to config FWSM -
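
The VLAN assignment described in the answer above, written out as an added example that is not part of the original thread or of Cisco's documentation. The slot number, VLAN IDs, interface names, addresses and ACL policy are all constructed, and it assumes a single-context FWSM in routed mode with NAT control disabled.

```cisco
! --- On the 6509 supervisor (IOS). Slot 3, VLAN IDs and addresses are constructed. ---
vlan 10
 name USERS
vlan 20
 name SERVERS
! Put both VLANs in a firewall group and hand the group to the FWSM in slot 3
firewall vlan-group 1 10,20
firewall module 3 vlan-group 1
! The FWSM becomes the L3 gateway for these VLANs, so remove their SVIs
no interface Vlan10
no interface Vlan20
!
! --- On the FWSM (reached with "session slot 3 processor 1"), routed mode ---
interface Vlan10
 nameif users
 security-level 50
 ip address 10.0.10.1 255.255.255.0
interface Vlan20
 nameif servers
 security-level 100
 ip address 10.0.20.1 255.255.255.0
! Users may reach one server on TCP/443 only; all other inter-VLAN traffic is dropped
access-list USERS_IN extended permit tcp 10.0.10.0 255.255.255.0 host 10.0.20.10 eq 443
access-list USERS_IN extended deny ip any any
access-group USERS_IN in interface users
! Servers may answer established connections but open none toward users
access-list SERVERS_IN extended deny ip any any
access-group SERVERS_IN in interface servers
```

Hosts in each firewalled VLAN must use the FWSM interface address as their default gateway once the SVI is removed, since the switch no longer routes for that VLAN.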