Hello, we are considering an FWSM but aren't sure how it will integrate into our network... Our core consists of a 6500 divided into approx 6 vlans... 1 Vlan for a residential network, (Further subnetted at the access layer) 4 vlans for an administrative network, and 1 vlan for internet access. OSPF is run on most of these SVIs. We want to separate these areas into 3 distinct security zones... Is this possible with transparent mode? Thanks in advance,
Yes, that was one of the caveats I read.. I wasn't sure if they were referring to 2 phys or SVI interfaces in the documentation.. Anyway if it can be done with routed mode that would be fine, I figured transparent mode would be simpler but I guess not. Would each security zone be considered a "context" or am I confused? :) The terminology is foreign to me, coming from the netscreen area.
Thanks for the replies, I now understand the best way to implement the FWSM for our network. It doesn't look like transparent mode will work out but routed mode should work out fine. Our only issue is the use of VLAN1 (our largest administrative network) which from the manuals cannot be used on the FWSM.. What I am thinking is keeping that VLAN on the MSFC.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...