
FWSM 3.1(3)

Trying to pass traffic through a FWSM and I don't seem to be getting anywhere. If someone knows how to, that would help a lot. Sample config below.

System Config >>

context Lab
  allocate-interface vlan101
  allocate-interface vlan201
  config-url dis:/admin.cfg
  member default

Context Lab

firewall transparent
interface vlan101
  nameif outside
  security-level 0
  bridge-group 1
interface vlan201
  nameif inside
  security-level 100
  bridge-group 1
interface bvi 1
  ip address 192.168.1.2 / 24

Have a routed interface on vlan 201 connecting to port 1/5 and a routed interface on vlan 101 connecting to port 1/10 on the switch. Trying to PING from the FWSM to vlan 201 & vlan 101. I get no replies for both PINGs. Please advise.

Thx


Re: FWSM 3.1(3)

In routed mode, some types of traffic cannot pass through the FWSM even if you allow it in an access list. The transparent firewall, however, can pass most types of traffic through using either an extended access list (for IP traffic) or an EtherType access list (for non-IP traffic).

The transparent mode FWSM does not pass CDP packets, or any packets that do not have a valid EtherType greater than or equal to 0x600. For example, you cannot pass IS-IS packets. An exception is made for BPDUs, which are supported.

http://www.cisco.com/en/US/products/hw/switches/ps708/products_module_configuration_guide_chapter09186a0080577c38.html#wp1220189
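
The EtherType rule quoted in the reply above, modelled in Python as an added example; it is not part of the original thread and not Cisco's code. The sample frames are constructed, the function and variable names are hypothetical, and the model assumes untagged frames and recognises only the IEEE 802.1D BPDU form.

```python
import struct

MIN_ETHERTYPE = 0x600                      # threshold quoted in the reply
BPDU_DST = bytes.fromhex("0180c2000000")   # IEEE 802.1D spanning-tree group MAC
BPDU_LLC = bytes.fromhex("424203")         # DSAP 0x42, SSAP 0x42, UI control

def classify(frame: bytes):
    """Apply the reply's rule to one untagged frame; returns (verdict, reason)."""
    if len(frame) < 14:
        return ("drop", "truncated Ethernet header")
    (type_or_len,) = struct.unpack("!H", frame[12:14])
    if type_or_len >= MIN_ETHERTYPE:
        # Ethernet II frame: a candidate only, the access lists still decide
        kind = "IPv4" if type_or_len == 0x0800 else "other"
        return ("candidate", f"{kind} EtherType 0x{type_or_len:04x}")
    # Below 0x600 the field is an 802.3 length and an LLC header follows
    if frame[0:6] == BPDU_DST and frame[14:17] == BPDU_LLC:
        return ("candidate", "BPDU exception")
    return ("drop", f"802.3 length 0x{type_or_len:04x}, no valid EtherType")

def mac(text: str) -> bytes:
    """Convert aa:bb:cc:dd:ee:ff notation to six raw bytes."""
    return bytes.fromhex(text.replace(":", ""))

SRC = mac("02:00:00:00:00:01")             # constructed, locally administered

# Constructed sample frames: real header layouts, zero-filled payloads
SAMPLES = {
    "icmp":  mac("02:00:00:00:00:02") + SRC + b"\x08\x00" + bytes(28),
    "is-is": mac("01:80:c2:00:00:14") + SRC + b"\x00\x1b"
             + b"\xfe\xfe\x03" + bytes(24),
    "cdp":   mac("01:00:0c:cc:cc:cc") + SRC + b"\x00\x20"
             + bytes.fromhex("aaaa0300000c2000") + bytes(24),
    "bpdu":  mac("01:80:c2:00:00:00") + SRC + b"\x00\x26"
             + b"\x42\x42\x03" + bytes(35),
}

if __name__ == "__main__":
    for name, frame in SAMPLES.items():
        print(f"{name:6} {classify(frame)}")
```

IS-IS and CDP both fall out as drops for the same reason: bytes 12-13 of the frame hold an 802.3 length rather than an EtherType, so no EtherType access list entry can match them.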
