[c-nsp] FWSM vs. stand alone FW
Henry Anslinger
fortmreza at yahoo.com.au
Tue Mar 14 19:11:04 EST 2006
yep, we will doing ATM WAN interfaces, spliting 6 customers traffic up. PIX management is crap, so I am not looking forward to the config nor the maintenance.
thanks
Ivan
"Voll, Scott" <Scott.Voll at wesd.org> wrote: On the Cat you need the following commands
firewall multiple-vlan-interfaces
firewall module 2 vlan-group 2,500 <-- this attaches the Vlan groups to
the FWSM in slot 2
firewall vlan-group 2 2,254 <-- these are your groups and which Vlan's
are in each group.
firewall vlan-group 500 500,501
on the FWSM:
you will need to setup names like you do on the Pix
nameif vlan2 security100
setup
passwords
fixups
access-lists
nat / pat
ip addresses
statics
routes
If you can setup a Pix it's not much different.
Scott
PS. If you're trying to do WAN interfaces it gets complicated quick.
Troubleshooting is a pain.
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Henry Anslinger
Sent: Tuesday, March 14, 2006 2:50 PM
To: matthew zeier; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] FWSM vs. stand alone FW
Does anyone have any good how tos for the FWSM they will share?
thanks
Ivan
matthew zeier wrote:
Anyone have constructive comparisons between a FWSM in a 6509 vs using
an external firewall - PIX or Netscreen ? I'll mostly be hit with
simultaneous connection limits before I hit bandwidth issues but
certainly something that can do well in excess of 200Mbps.
thanks.
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
---------------------------------
On Yahoo!7
Dancing With the Stars: Win tickets to the Grand Final!
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
---------------------------------
On Yahoo!7
Music: Create your own personalised radio station.
More information about the cisco-nsp
mailing list