ACE & FWSM in 6500 Chassis

In the upgrading of a CSM to an ACE module it seems that there needs to be a consideration when the chassis is shared with a FWSM. In this instance the allocation of the vlans to the FWSM had to be reconfigured by allocating them to a set of groups. After a dig round the encyclogoogle there seemed a a couple of good examples where defining a method made sense of the madness. In trying to apply some logic the groups have been allocated where

  • VLAN Group 1 = specifically assigned to FWSM only
  • VLAN Group 2 = specifically assigned to ACE only
  • VLAN Group 3 = common assignment to both modules

Here’s an example of a configuration from the chassis with a FWSM and CSM:

# firewall multiple-vlan-interfaces

# firewall module 6 vlan-group 1

# firewall vlan-group 1 101-105,201-205,301-305

Here’s an example of a configuration from the chassis with a FWSM a CSM and an ACE module. (The CSM is due to be removed in the near future):

# svclc multiple-vlan-interfaces

# firewall module 6 vlan-group 1,3

# svclc module 2 vlan-group 2,3

# svclc vlan-group 1 101-105,

# svclc vlan-group 2 301-305

# svclc vlan-group 3 201-205

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s