This is the problem : I need to receive from a GigaEth both some multicast streams and a unicast control traffic to be filtered. So, on a 3750 there is a trunk vs data provider, and Interface Vlan X for mcast and Vlan Y for outside unicast in global space. Than a Vlan Z in a separate vrf for inside. Pix is connected on L2 port Vlan X for outside and on L2 port Vlan Z for inside. It doesn't run !!! It seems to be unable to resolve arp ...
The actual 3750, will become in a short time a 650x sup 720B, but I am not sure if we have a better results.
To make this happen a FWSM module has to be installed in the Catalyst 6500 series switch. The FWSM features has the following features
Layer 2 Firewall (transparent mode)
Layer 3 Firewall (route and/or NAT mode)
Mixed Layer 2 and Layer 3 firewall per FWSM
Dynamic/static NAT and PAT
Destination NAT for Multicast
Static routing support in single- and multiple security context mode
Dynamic routing in single security context mode: Open Shortest Path First (OSPF), Routing Initiation Protocol (RIP) v1 and v2, PIM Sparse Mode v2 multicast routing, Internet Group Management Protocol (IGMP) v2
Transparent mode supports static routing only
Asymmetric routing supporting without redundancy by using asymmetric routing groups
IPv6 networking and management access using IPv6 HTTPS, Secure Shell Protocol (SSH) v1 and v2, and Telnet
Introduction: The "external-out enable" command is available for
configuration under the "router ospf process" in case of the IOS-XR
operating system. This command basically enables advertisement of
intra-area routes on the device as external routes in th...
Introduction Basic configuration for netflow Scale parameters for
netflow Netflow support Architecture Packet flow for netflow Inside the
LC CPU Netflow Cache size, maintenance and memory Sample usage Cache
Size Aging Permanent cache Characteristics Which...