Configuring Svis - Cisco 7604 Configuration Manual
Catalyst 6500 series switch and cisco 7600 series router firewall services module configuration guide using the cli
Hide thumbs
Also See for 7604:
- Configuration manual (1011 pages) ,
- Installation manual (324 pages) ,
- User manual (98 pages)
Table of Contents
Advertisement
Chapter 2
Configuring the Switch for the Firewall Services Module
For transparent firewalls in multiple context mode, you need to use multiple SVIs because each context
requires a unique VLAN on its outside interface (See
SVIs in routed mode so you do not have to share a single VLAN for the outside interface.
Figure 2-3
Admin
Context
Configuring SVIs
To add an SVI to the MSFC, perform the following steps:
Step 1
(Optional) To allow you to add more than one SVI to the FWSM, enter the following command:
Router(config)# firewall multiple-vlan-interfaces
Step 2
To add a VLAN interface to the MSFC, enter the following command:
Router(config)# interface vlan vlan_number
To set the IP address for this interface on the MSFC, enter the following command:
Step 3
Router(config-if)# ip address address mask
To enable the interface, enter the following command:
Step 4
Router(config-if)# no shutdown
The following example shows a typical configuration with multiple SVIs:
Router(config)# firewall vlan-group 50 55-57
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
OL-20748-01
Multiple SVIs in Multiple Context Mode
VLAN 151
VLAN 150
Context A
VLAN 201
VLAN 202
Admin
Inside
Network
Customer A
Adding Switched Virtual Interfaces to the MSFC
Figure
2-3). You might also choose to use multiple
Internet
VLAN 100
VLAN 152
VLAN 153
Context B
Context C
VLAN 203
Inside
Customer B
VLAN 204
Inside
Customer C
2-7
- Quick Links:
- C H a P T E...
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
