Hi Jon,

Thanks for your reply,

Where I need to create the L3 SVI and how may i configure it, please may I know some more details,

As far topology is concerned so as follows:

L2 switch>FWSM core(L3)>FWSM> Gateway(for the external).

Please I will very appreciate to you if you could brief me more clear as I am new for the FW stream.

Hi

Which suprevisor do you have in your 6500 switches ?

Your topology

L2 switch - is this the 6500 switch that the FWSM's are in or is it a separate switch.

It's still unclear as to how your firewalling is setup.

An SVI is a vlan interface on your 6500. So lets say you have a vlan 100 that you do not want to go through the FWSM. On your 6500 switch

interface vlan 100

ip address x.x.x.x "subnet mask"

no shut

But i need some more details to give you a proper solution.

Jon

Hi Jon,

Many thanks for your prompt reply,

My topology is like L2(DMZ switch) connected to the core switch(6509) and core switch is connected to FWSM core router(L3) and logically FWSM core router(L3) connected to the Gateway for external area. FWSM resides between FWSM core router(L3) and Gateway. We have a physical connection towards to the gateway from the DMZ switch.

We are using the version 12.2 for the FWSM core router(L3) and Version 3.1(6) for the FWSM.

Inside the L2 DMZ switch we are using sup2.

I believe now you will be having more clear picture.

Thanks in advance,

Regards,

Devender Rawat

How many FWSM the 6509 has?

The External Gateway is connected in the VLAN that it's define as the Outside?

Subnet that you want to bypass it's part of the inside VLAN?

Hi Jon,

Thanks once again and we have only one FWSM in 6509 and the traffice which we need to bypass is inside traffic also whenever any traffic come from outside for the vlan so that should also bypass the FWSM.

I feel sorry if anything is still unclear for you.

Thanks,

Regards,

Devender