Chapter 5 Configuring The Firewall Mode; Routed Mode Overview; Ip Routing Support - Cisco 7604 Configuration Manual

Configuring the Firewall Mode
This chapter describes how to set the firewall mode, as well as how the firewall works in each firewall
mode. You can set the firewall mode independently for each context in multiple context mode.
The FWSM (or each context in multiple mode) can run in one of two firewall modes:
•
•
This chapter includes the following sections:
•
•
•

Routed Mode Overview

In routed mode, the FWSM is considered to be a router hop in the network. It can use OSPF, EIGRP,
passive RIP (in single context mode), and BGP in stub mode. Routed mode supports many interfaces,
and each interface is on a different subnet. You can share interfaces between contexts, with some
limitations.
•
•

IP Routing Support

The FWSM acts as a router between connected networks, and each interface requires an IP address on a
different subnet. In single context mode, the routed firewall supports OSPF, EIGRP, RIP (in passive
mode), and BGP in stub mode. Multiple context mode supports static routes only and BGP in stub mode.
We recommend using the advanced routing capabilities of the upstream and downstream routers instead
of relying on the FWSM for extensive routing needs.
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
OL-20748-01
Routed mode
Transparent mode
Routed Mode Overview, page 5-1
Transparent Mode Overview, page 5-7
Setting Transparent or Routed Firewall Mode, page 5-17
IP Routing Support, page 5-1
How Data Moves Through the FWSM in Routed Firewall Mode, page 5-2
5
C H A P T E R
5-1