I'm configuring a couple of FWSM's (2.2 and 2.3) as devices in MARS. When I add the FWSM as a device, what do I enter as the device name and reporting / access IPs? Should the device name and / or IP info be the same as the FWSM's admin context? or should I be worried about using the name of the system context, etc.?
I gather once this is done (FWSM is defined as a device), the only "contexts" I need to define are the security contexts (i.e. I don't need to explicilty define an admin context within the list of defined contexts for the FWSM...?)
am I making sense? the docs are just too ambiguous
where I'm getting confused is at the onset of the fwsm config. sorry if I'm being a bit vague - the fw admins sent me the basic config info to plug into MARS so I can't speak to the entire fwsm or any particular context config. The MARS box can currently grab syslogs from anywhere and everywhere.
system context hostname "fwsm1"
admin context "fwsmadmin", hostname adminhost"
security context "fwsmsec1" hostname "sechost"
Note that each context has a hostname associated with it which does not match the respective context name - not sure what the original logic was there - or if I even need to be concerned about the hostname parameter.
anyway, I want the admin context and the security context to report (syslog) to MARS.
I understand I need to add the cat-os switch as a device in MARS, then add the fwsm as a module under the cat-os switch device config - so do I then have to:
1) use the fwsm system context info (i.e. "fwsm1", etc.) to define the module, and then add both the admin context and the security context under the fwsm module definition, or
2) use the fwsm admin context info (i.e. "fwsmadmin") to define the fwsm module in MARS, and then add just define the security context as "context" under that fwsm module definition?
you may have gathered that I'm not a firewall guru by any stretch - just want the fwsm and all related contexts to be set up in logical meaningful (sane) way on the MARS config.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...