
FWSM 3.1(3)

kcgeorge1218
Level 1

Trying to pass traffic through a FWSM and I don't seem to be getting anywhere. If someone knows how to, that would help a lot. Sample config below.

System Config >>

context Lab
 allocate-interface vlan101
 allocate-interface vlan201
 config-url dis:/admin.cfg
 member default

Context Lab

firewall transparent
interface vlan101
 nameif outside
 security-level 0
 bridge-group 1
interface vlan201
 nameif inside
 security-level 100
 bridge-group 1
interface bvi 1
 ip address 192.168.1.2 / 24

Have a routed interface on vlan 201 connecting to port 1/5 and a routed interface on vlan 101 connecting to port 1/10 on the switch. Trying to PING from the FWSM to vlan 201 & vlan 101. I get no replies for both PINGs. Pls advise.

Thx


carenas123
Level 5

In routed mode, some types of traffic cannot pass through the FWSM even if you allow it in an access list. The transparent firewall, however, can pass most types of traffic through using either an extended access list (for IP traffic) or an EtherType access list (for non-IP traffic).

The transparent mode FWSM does not pass CDP packets, or any packets that do not have a valid EtherType greater than or equal to 0x600. For example, you cannot pass IS-IS packets. An exception is made for BPDUs, which are supported.

http://www.cisco.com/en/US/products/hw/switches/ps708/products_module_configuration_guide_chapter09186a0080577c38.html#wp1220189
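
The EtherType rule quoted in the reply above, modeled as an added example (not part of the original thread and not FWSM code): CDP and IS-IS travel in 802.3/LLC frames, where the field after the source MAC is a length below 0x600 rather than an EtherType. The `classify` and `frame` helpers and all sample frames are constructed for illustration.

```python
import struct

BPDU_DST = bytes.fromhex("0180c2000000")  # IEEE 802.1D spanning-tree group address
MIN_ETHERTYPE = 0x0600                    # threshold quoted in the reply

def classify(frame: bytes) -> tuple[str, str]:
    """Return (verdict, reason) for one untagged Ethernet frame.

    Models only the rule as stated in the reply. "eligible" means the frame
    type can be passed; an extended or EtherType ACL must still permit it.
    """
    if len(frame) < 14:
        return ("drop", "truncated header")
    dst = frame[0:6]
    (type_or_len,) = struct.unpack("!H", frame[12:14])
    if type_or_len >= MIN_ETHERTYPE:
        return ("eligible", f"Ethernet II, EtherType 0x{type_or_len:04x}")
    # Below 0x600 the field is an 802.3 length and an LLC header follows.
    llc = frame[14:16]  # DSAP, SSAP
    if dst == BPDU_DST and llc == b"\x42\x42":
        return ("eligible", "BPDU exception")
    if llc == b"\xfe\xfe":
        return ("drop", "IS-IS over LLC, no EtherType")
    # SNAP header: OUI 00:00:0c (Cisco), protocol ID 0x2000 (CDP)
    if llc == b"\xaa\xaa" and frame[17:22] == b"\x00\x00\x0c\x20\x00":
        return ("drop", "CDP over SNAP, no EtherType")
    return ("drop", "802.3 length field, no EtherType")

def frame(dst: str, type_or_len: int, payload: bytes) -> bytes:
    src = bytes.fromhex("020000000001")  # constructed locally administered MAC
    return bytes.fromhex(dst) + src + struct.pack("!H", type_or_len) + payload

# Constructed sample frames: headers are realistic, payloads are zero padding.
SAMPLES = {
    "ipv4": frame("ffffffffffff", 0x0800, b"\x45" + bytes(19)),
    "arp":  frame("ffffffffffff", 0x0806, bytes(28)),
    "bpdu": frame("0180c2000000", 38, b"\x42\x42\x03" + bytes(35)),
    "isis": frame("0180c2000014", 30, b"\xfe\xfe\x03" + bytes(27)),
    "cdp":  frame("01000ccccccc", 40, b"\xaa\xaa\x03\x00\x00\x0c\x20\x00" + bytes(32)),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:5s}", *classify(raw))
```
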
