Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

FWSM behind ACE module

Scenario:

Internet Client request hits the FWSM and then gets routed to ACE module for load balancing.

VLANs defined on FWSM are 5 (outside), 6 (DMZ), 7 (inside). Client requests are forwarded to DMZ segment where server farm is located.

My question is whether the client VLAN on the ACE module should be the same as DMZ VLAN on FWSM i.e. VLAN 6.

Rgds.

1 ACCEPTED SOLUTION

Accepted Solutions

Re: FWSM behind ACE module

in this case correct

because in this case the path will baypass the FWSM

good luck

if helpful rate

3 REPLIES

Re: FWSM behind ACE module

ofcourse it must be

if not how they gonna comunicate

they should be on the same vlan and the same ip subnet

imagnate exactly like to directly connected interface!!

but dont make SVI for this VLAN on the MSFC

if helpful Rate

Community Member

Re: FWSM behind ACE module

So for the SVI, it would have been defined if the client VLANs were not going through FWSM, but would have hopped across different VLANs via the MSFC. Is it correct ?

Re: FWSM behind ACE module

in this case correct

because in this case the path will baypass the FWSM

good luck

if helpful rate

149
Views
5
Helpful
3
Replies
CreatePlease to create content