Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

FWSM and ACE VLAN Assignment

Hi all,

Just a quick one, I?m trying to find some documentation on interoperability using the FWSM and ACE line cards for the 6500 series. Basically my question is once a VLAN has been assigned to the FWSM can be assigned to the ACE as well (at the same time) or does traffic need to pass through MSFC?

Many thanks in advance


Re: FWSM and ACE VLAN Assignment

When allocating VLANs to a vlan-group, be aware "a specific VLAN can only be allocated to one vlan-group". This requirement can dictate the use of multiple vlan-groups.

Either firewall or svclc commands can be used to define a vlan-group. However, the firewall command must be used to allocate vlan-groups to a FWSM, and the svclc command must be used to allocate vlan-groups to an ACE module.

for example

In this example VLANs 100 and 200 need to be allocated to the FSWM and VLANs 200 and 300 allocated to the ACE module. Due to the vlan-group constraint, an additional vlan-group must be allocated for the shared VLAN between the FWSM and ACE modules.

firewall vlan-group 30 100

firewall vlan-group 50 200

svclc vlan-group 70 300

firewall module 3 vlan-group 30

firewall module 3 vlan-group 50

svclc module 4 vlan-group 50

svclc module 4 vlan-group 70

hope it helps

Syed Iftekhar Ahmed

CreatePlease to create content