Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Cisco Employee

Accessing FWSM externally

I would like to assign an ip address to the FWSM and be able to access it externally. I have created a vlan-group and associated the module with the vlan that has been created on the switch. When trying to associate the FWSM interface to the Vlan that was created on the switch I get a 'Warning: VLAN *4* is not configured' error.

I am not sure if I went about assigning an ip address correctly.

If there is a certain procedure I should follow to accomplish this, please let me know what it is. Thanks

2 REPLIES
Cisco Employee

Re: Accessing FWSM externally

This is a sample config. This is all you would require to do to get the FWSM to work.

Thanks,

yatin

***** On FWSM *****

nameif vlan100 inside security100

nameif vlan200 outside security0

nameif vlan10 dmz1 security80

ip address inside 192.168.2.5 255.255.255.0

ip address outside 40.1.1.5 255.255.255.0

ip address dmz1 10.1.1.12 255.255.255.0

ip address inside 192.168.2.5 255.255.255.0

ip address outside 40.1.1.5 255.255.255.0

ip address dmz1 10.1.1.12 255.255.255.0

***** On Switch *******

firewall module 4 vlan-group 100

firewall vlan-group 100 10,100,200

interface FastEthernet2/3

no ip address

switchport

switchport access vlan 10

Cisco Employee

Re: Accessing FWSM externally

Thanks. This helped! I am now able to ping the FWSM from the outside. However, I am not able to telnet to it. I have created an access-list on the interface which should allow me to access it (permit ip any any). I can't telnet to it from the switch itself.

Thanks! Larissa

111
Views
0
Helpful
2
Replies
CreatePlease login to create content