Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

FWSM Traffic

Dear all,

I want to Implement the below scenerio, kindly advise.

In 6509 I configured FWSM, how can I send traffic of DMZ interface to IPS appliance of 4270.

thanks & regards

1 REPLY

Re: FWSM Traffic

You can configure the FWSM in multiple ways with the MSFC (MSFC Inside, Outside etc.)

You can use the IDSM in inline VLAN pair mode. With MSFC outside you can set the default gateway of all the machines in DMZ segment to the FWSM's Virtual Interface for the DMZ zone. The SVI you create on FWSM can be vlan 700 for example named 'DMZ'. Create another VLAN on the core switch (or the switch connecting the servers) and name it 100. Now the server access ports will belong to VLAN 100. But FWSM will have vlan 700 (So the server's default gateway will actually lie in vlan 700). The IDSM module will bridge both of these vlans (100 and 700). This will of course happen at Layer 2.

Regards

Farrukh

157
Views
0
Helpful
1
Replies
CreatePlease to create content