Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

fwsm inside interface with svi(w/o ip address) in the switch not working

I am running FWSM 3.2(1) code and catalyst 6500 IOS 12.2(SXF11)

in the switch:

vlan 100 name outside

vlan 200 name inside

int vlan 100

description - outside

ip address 10.128.252.1 255.255.255.0

int vlan 200

description - inside

no ip address

in the FWSM

context test

int vlan 200

nameif outside

bridge-group 1

security-level 0

int vlan 100

nameif inside

bridge-group 1

security-level 100

int bvi1

ip address 10.128.252.2 255.255.255.0

But this is not working. we can ping the 10.128.252.2 from the switch, can't ping anything beyond that in the inside LAN. Within inside LAN, communication within is fine, but can't beyond gateway. What's the cause?

Why do we have a SVI for inside interface without IP address?

At one time, we hade firewall issue, so we just created a new svi to bypass the firewall after shutdown the int vlan100.

Thanks for the explanation.

3 REPLIES
New Member

Re: fwsm inside interface with svi(w/o ip address) in the switch

New Member

Re: fwsm inside interface with svi(w/o ip address) in the switch

Sure, I looked at this before :-)

My question is

shutdown/no shutdown the inside vlan SVI w/o IP address will have such big effect.

I am having hard time try to understand this.

New Member

Re: fwsm inside interface with svi(w/o ip address) in the switch

Well the SVI interface in the Supervisor will be use for management of the switch and internal/external routing. You will always need an SVI with an IP to manage the switch, but doesn't have to be in a vlan assign to the FWSM.

145
Views
0
Helpful
3
Replies
CreatePlease to create content