Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

FWSM config in CS-MARS

I'm configuring a couple of FWSM's (2.2 and 2.3) as devices in MARS. When I add the FWSM as a device, what do I enter as the device name and reporting / access IPs? Should the device name and / or IP info be the same as the FWSM's admin context? or should I be worried about using the name of the system context, etc.?

I gather once this is done (FWSM is defined as a device), the only "contexts" I need to define are the security contexts (i.e. I don't need to explicilty define an admin context within the list of defined contexts for the FWSM...?)

am I making sense? the docs are just too ambiguous



New Member

Re: FWSM config in CS-MARS

It would depend on what you want to see in MARS, and want you want MARS to do.

Sending syslog messages from the contexts is easy enough...set logging parameters in each context, and 1-2-3 go.

Regarding your are the contexts configured, regarding IP addresses? Are there transit VLAN's? Where does MARS reside?

New Member

Re: FWSM config in CS-MARS

where I'm getting confused is at the onset of the fwsm config. sorry if I'm being a bit vague - the fw admins sent me the basic config info to plug into MARS so I can't speak to the entire fwsm or any particular context config. The MARS box can currently grab syslogs from anywhere and everywhere.

example -

system context hostname "fwsm1"

admin context "fwsmadmin", hostname adminhost"

security context "fwsmsec1" hostname "sechost"

Note that each context has a hostname associated with it which does not match the respective context name - not sure what the original logic was there - or if I even need to be concerned about the hostname parameter.

anyway, I want the admin context and the security context to report (syslog) to MARS.

I understand I need to add the cat-os switch as a device in MARS, then add the fwsm as a module under the cat-os switch device config - so do I then have to:

1) use the fwsm system context info (i.e. "fwsm1", etc.) to define the module, and then add both the admin context and the security context under the fwsm module definition, or

2) use the fwsm admin context info (i.e. "fwsmadmin") to define the fwsm module in MARS, and then add just define the security context as "context" under that fwsm module definition?

you may have gathered that I'm not a firewall guru by any stretch - just want the fwsm and all related contexts to be set up in logical meaningful (sane) way on the MARS config.