Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Configure CSPM 3.0 to manage existing IOS router and PIX firewall

Hi all,

Below are the queries:

1)How do I configure all my current firewalls rules ate PIX and current access-list at my IOS router? Can I just import my PIX firewall and IOS router configurations into my CSPM?

2)Do I need to add the access-list and PIX Firewall rules into my CSPM Policy Rules?

3)If I use sub-interface for my IOS router, (for example int fastethernet 1.0.1) and I am running vlan trunking, what can i add this encapsulation dot1q commands into my CSPM?

4)I am running HSRP and I add two addresses into each of the interface, the first address is my HSRP address, the second is the real interface ip address. After i save and update, there is a warning that the HSRP address appear on two different routers(one is my active router, the other is my standby router). Is this warning ok?

For your assistance, pls. Thank you.

New Member

Re: Configure CSPM 3.0 to manage existing IOS router and PIX fir

No. You can't import the configurations. You need to learn CSPM and create the security policy for your network through the interface. With that, you can then push this policy through your network to your devices including the PIX. Also, you might need to append some ACL's in CSPM to support the specific rules you need in your network. You should work with your Cisco SE and/or TAC rep in setting this up.

CreatePlease to create content