I am running a 6509 w/Native IOS 12.1(19)E1. There is a command "firewall (multiple-vlan-interfaces)". I can not find any information on this command. I suspect that it has to do with Vlan interfaces on the MSFC connecting to the FWSM. Does anyone know what it's for or can direct me to information on this command.
This is a new command that was recently added to Cat6K code to allow multiple SVI's for VLAN's associated with a FWSM. In the past, you were restricted to having one SVI per all VLAN's associated with the FWSM. This was done primarily to prevent you from shooting yourself in the foot and allowing traffic to bypass the FWSM by routing it directly between SVI interfaces on the MSFC. In most cases, this command is not necessary and if you do enable it, you will need to configure policy routing to make sure traffic does not bypass the FWSM. Hereis a link to the release notes that discuss this new command (briefly). Hope this helps.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...