Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Understanding IDSM and FWSM intrachassis

I've looked through most of the messages on here, and I'm not understanding how to configure inline mode on an IDSM with multiple FWSM contexts.

As an overview, I have a single 7609 chassis with pair of FWSM's in active/standby and a single IDSM-2. Vlans 3001-3250 are my "inside" Vlans, and are part of a VRF (one distinct VRF per Vlan). Vlans 3251-3500 are my "outside" Vlans, each with a unique public /30 address. Context A gets 3001 and 3251, context B gets 3002 and 3252, etc.

If I want to do some form of inline inspection, is Vlan Pair the only choice? I assume Interface Pair isn't a choice because I don't have physical interfaces to use?


Re: Understanding IDSM and FWSM intrachassis

You can use IDM or the CLI to configure IDSM-2 to operate in inline mode between two separate VLANs (one VLAN for each side of IDSM-2). To prepare IDSM-2 for inline mode, you must configure the switch as well as IDSM-2

Here is the configuaration guide for the IDSM. Follow the guide it may help you.

New Member

Re: Understanding IDSM and FWSM intrachassis

Well, I'm going to need to be able to inspect traffic on every VLAN that comes out of the FWSM, so would inline (non-VLAN pair) still work? I've looked at the config guides, and I still don't get it. I can't seem to find any documentation on how to set up the VLAN's on the 7609.

CreatePlease login to create content