Example 5: Customer C Context Configuration; Example 5: Switch Configuration; Example 6: Failover - Cisco Catalyst 6500 Series Configuration Manual
Catalyst 6500 series switch and
cisco 7600 series router firewall services
Hide thumbs
Also See for Catalyst 6500 Series:
- Software configuration manual (570 pages) ,
- Configuration note (212 pages) ,
- Installation manual (194 pages)
Table of Contents
Advertisement
Transparent Mode Examples
Example 5: Customer C Context Configuration
nameif vlan153 outside security0
nameif vlan7 inside security100
passwd fl0wer
enable password treeh0u$e
ip address 10.1.4.1 255.255.255.0
route outside 0 0 10.1.4.2 1
access-list INTERNET extended permit 89 any any
access-list INTERNET extended permit ip any any
access-list OSPF extended permit 89 any any
access-group INTERNET in interface inside [ Allows all inside hosts to access the outside
for any IP traffic. Also allows OSPF. ]
access-group OSPF in interface outside [ Allows OSPF. ]
Example 5: Switch Configuration
The following lines in the Cisco IOS switch configuration relate to the FWSM:
...
firewall multiple-vlan-interfaces
firewall module 8 vlan-group 1
firewall vlan-group 1 4-7,150-153
interface vlan 150
interface vlan 151
interface vlan 152
interface vlan 153
...
Example 6: Failover
This configuration shows a transparent, multiple context mode FWSM in one switch, and another FWSM
in a second switch acting as a backup (see
interface and outside interface.
The secondary FWSM is also in transparent, multiple context mode, and has the same software version.
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
B-18
ip address 10.1.1.2 255.255.255.0
no shut
ip address 10.1.2.2 255.255.255.0
no shut
ip address 10.1.3.2 255.255.255.0
no shut
ip address 10.1.4.2 255.255.255.0
no shut
Figure
B-4). Each context (A, B, and C) monitors the inside
Appendix B
Sample Configurations
OL-6392-01
Advertisement
Table of Contents
Troubleshooting
