Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Cisco Employee

Accessing FWSM externally

I would like to assign an ip address to the FWSM and be able to access it externally. I have created a vlan-group and associated the module with the vlan that has been created on the switch. When trying to associate the FWSM interface to the Vlan that was created on the switch I get a 'Warning: VLAN *4* is not configured' error.

I am not sure if I went about assigning an ip address correctly.

If there is a certain procedure I should follow to accomplish this, please let me know what it is. Thanks

Cisco Employee

Re: Accessing FWSM externally

This is a sample config. This is all you would require to do to get the FWSM to work.



***** On FWSM *****

nameif vlan100 inside security100

nameif vlan200 outside security0

nameif vlan10 dmz1 security80

ip address inside

ip address outside

ip address dmz1

ip address inside

ip address outside

ip address dmz1

***** On Switch *******

firewall module 4 vlan-group 100

firewall vlan-group 100 10,100,200

interface FastEthernet2/3

no ip address


switchport access vlan 10

Cisco Employee

Re: Accessing FWSM externally

Thanks. This helped! I am now able to ping the FWSM from the outside. However, I am not able to telnet to it. I have created an access-list on the interface which should allow me to access it (permit ip any any). I can't telnet to it from the switch itself.

Thanks! Larissa

CreatePlease login to create content