Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
627
Views
0
Helpful
1
Replies

ZBF on 3925 with service module

maxime.gerges
Level 1
Level 1

‎08-07-2012 06:57 AM - edited ‎03-07-2019 08:11 AM

hello everyone,

I got a question regarding Zone Based Firewall and service module on a 3925 router. In fact, i want to acquire à 3925 router with the Security plus license to implement ZBF and filter inter-vlan traffic and especially inside-->outside traffic. The 3925 will be added a Service Module SM-ES3G-16-P to implement routed port (physical) and SVI (Switched Virtual Circuit).

In fact each VLAN will be connected to an SVI according to this figure :

Capture.PNG

My question are pretty simple :

  • Is it possible to created ZBF rules and specified the SVIs attached to the service module (ZBF won't apply only on the 3 integrated interfaces of the 3925) ?
  • I also want to know if it is possible to implement WCCP on SVI located in the inside area ?
  • Would SVI on the outside handle NAT/PAT ?
Labels:
Preview file
106 KB
0 Helpful
1 Reply 1

maxime.gerges
Level 1
Level 1

‎08-08-2012 12:29 AM

A cisco sale representative (cisco.com chat) told me that ZBF and EtherSwitch service module are compatible but I might say i really doubt on that as the service module runs on a different IOS than the hosting router.

Has anyone an done such a design ?

I also saw that EHWIC module are available and compatible with SVI but restricted to a maximum of 15 SVI per module. Can anyone confirm that ?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card