Cisco Support Community

New Member

Telnet, PDM, Syslog, SNMP configuration for FWSM

I'm installing an FWSM (multiple security contexts) where the inside interfaces (SCADA, meters, etc.) are being protected from corporate users. I need to be able to manage from the outside interface, or from the admin context routed from the outside, or shared VLAN configuration using multiple contexts. The management systems are located on the outside (corporate side), where CiscoWorks, VMS, and Syslog servers are located. A site-to-site VPN would resolve this issue, but isn't there an easier way to perform the same functions since this is an FWSM configuration? If not, what are my limitations when it comes to security level? Does the FWSM only respond to the inside interface security level 0 or any interface except the outside interface security level 100?

1 REPLY
Silver

Re: Telnet, PDM, Syslog, SNMP configuration for FWSM

For your information, here is a set of rules to be followed for assigning security level to an interface.

To define an interface for a FWSM:

a. Enter the identification number of the Virtual Local Area Network (VLAN) associated with the FWSM interface in the VLAN ID field. Values are 1-4095.

b. Select the Interface Enable check box.

c. Enter the interface name.

--------------------------------------------------------------------------------

Note: The inside and outside interfaces are partially defined for the Global group by default; however, you must edit the interfaces to include the additional information.

--------------------------------------------------------------------------------

d. Enter the security level that the interface will enforce. Valid values are 0-100 (100 = greatest security level).

Outside interface is always 0.

Inside interface is always 100.

DMZ is 1-99. (Interfaces set to the same security level cannot communicate with each other.)
