Has anybody deployed FWSMs to firewall campus traffic? we are trying to deploy 2 FWSMs on our 2 Cores Routers which are fully meshed to Internet Edge routers and Distribution layer router, so Asymmetric Routing and FO are must, unfortunately we can not test it out in Lab since it would need 2 SUP720s.
I have two brand-new 3.1 FWSM, which would deploy into our Core routers, so I would have to change the current fully-mesh L3 p2p links between Core and Internet-Edge routers, to L3 VLan, also since we don't have such luxury to have two spare SUP720s to test it out, and CCO gives very limited document about how to configure active/active and asymmetric routing while it might be very simple and stright forward, but looks like it's a black box to me though, we have another 2 FWSM which is runing 2.3 in inter-chasis active-standby and would promote them to active/active next year.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...