I'm wondering if anyone can tell me if I'm on track with this. First let me say that I don't know the FWSM at all (I know the ASA, but not this module). I am going to be retiring two old 6500 chassis which contain 2 FWSMs running in active / standby and moving them into two new 6500 chassis running VSS.
I have the new VSS up and am staging the FWSM part of the configuration. I don't have spare modules to install so I am entering the configurations with no corresponding modules (VSS seems to be taking the config okay). Here is what I have configured on the VSS 6509E:
svclc switch 1 module 9 vlan-group 1
svclc switch 2 module 9 vlan-group 1
firewall switch 1 module 9 vlan-group 1
firewall switch 2 module 9 vlan-group 1
firewall vlan-group 1 100,200,300,400
I've created an interface VLANs for the inside interface-VLAN 200. All of this is copied from the current configuration (no changes). I understand from the docs that you should only have a single interface (right?).
So with the configuration above, I think I have this finished. Here are my newbie questions:
- On cutover night, can I just pull the FWSMs and install them into slot 9 on each VSS chassis w/o further configuration?
- Will I lose any of the FWSM configuration when I do this? I'll have backup's of the config, but need to know if I should be prepared to apply them right away?
- What else do I not know that might "kill" me on cutover night?
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...