Traffic movement through FWSM

Hi Experts,
Please have a look in the following pic regarding the deployment of FWSM will traffic move from 7613 to 6513 as it use to be now after deploying FWSM by this way ,currently FWSM is in 7613 chasis.
Actually I need to know some points.
1.If we change Gi0/1 routed port to L2 port by switch port cmmd and assign to VLAN 10 and create SVI interface VLAN 10 on MSFC of 7613 and assign IP of Gi0/1 i.e 192.168.1.10 to it will the traffic move from interfaces of my router to this interface (Gi0/1) currently we have static routes , I am not very much clear about this issue.
2.As mentioned in figure if create VLAN 10 and put Gi0/1 and inside interface ofFWSM will they communicate through SVI interface of VLAN 10 created on 7613 router with IP 192.168.1.10 and same concern for outside interface of FWSM and Gi0/2 of 6513 which are connected through SVI VLAN 20 on 6513 MSFC
please guide me know what correction I have to make in this plan.
Regards
Ambivert skill

Dear members I am really waiting for your valuable comments on this deployment plan.
Thanks

Similar Messages

  • Traffic move through Proxy Server in Production

    Hello,
                                                                                            Internet
                                                                                                  |
                                                                                          Internet Router
                                                                                                  |
                                                                                          Internet switch
                                                                                                  |
                                                                                               IPS
                                                                                                  |
                                                                                               Firewall
                                                                                                  |
                                                                                               IPS
                                        Inside ()---- Access-sw----------Core-SW------------DMZ
    This is my Company network diagram, all data go through the firewall  IPS is Inline mode on Acess and Core sw static route is configured for firewall but management wants all inside (Noc Room Helpdesk Team and Third Party members) traffic must pass via Proxy server that is connected to Core switch Please anybody tell me How can i do this in a Production Enviornment and which type of changes i need to do on Access or Core Switch.They will use Squid for Proxy on Linux Server

    WCCP can be used to redirect traffic to the proxy server. See below a configuration example:
    http://www.crypt.gen.nz/papers/cisco_squid_wccp.html
    Don't forget to rate all posts that are helpful by clicking on the stars below.

  • ESP traffic through FWSM

    HI,
    I've built a site-to-site VPNs between a PIX and an ASA with traffic passing through an FWSM.
    This is the architecture:
    LAN1---PIX--------(dmz interface)FWSM(otuside interface)--------ASA----LAN2
    The VPNs go up regurarly but I am experencing some performance issue so I am trying to look into the logs.
    In the FWSM log I can see a lots of these entries regarding esp protocol traffic between end point peer:
    6|Jan 29 2014|13:07:56|302022|||||Built IP protocol 50 connection 144547910545237602 for outside:x.x.x.x(x.x.x.x) to dmz:y.y.y.y (y.y.y.y)
    6|Jan 29 2014|13:07:56|302022|||||Built IP protocol 50 connection 144547910545237601 for dmz:x.x.x.x(x.x.x.x) to outside:y.y.y.y (y.y.y.y)
    x.x.x.x and y.y.y.y are the vpn peers ip addresses, but I am suspecting some strange behaviour because I see x.x.x.x an y.y.y.y respectively at the same time on outiside interface and on dmz interface during the build of ip protocol 50 connection.
    Do you think it is a normal behaviour or it means that it's a fault?
    Pls any suggestion will be very appreciated.
    Thanks
    angelo

    Hi Marcin, thanks for you reply.
    Yes I know, I expected two flows for inbound and outbound, it's correct but I don't understand why the FWSM see the same IP incoming both interfaces, dmz and outside. That seems strange. If x.x.x.x is on dmz and y.y.y.y on outside, what does this entry means? :
    6|Jan 29 2014|13:07:56|302022|||||Built IP protocol 50 connection 144547910545237602 for outside:x.x.x.x(x.x.x.x) to dmz:y.y.y.y (y.y.y.y).
    Hi
    angelo

  • Only some of the traffic passing through inline vlan pair

    Here is my network setup
       firewall<---- >(g1/2)Coreswitch 6500 with IDSM(TG9/1)<-----> (TG9/1) Distrib switch with FWSM---------Accessswitch
    configuration in core switch
    interface GigabitEthernet1/2.11
    description **** ****
    encapsulation dot1Q 211
    ip vrf forwarding VRF11
    ip address 10.2.11.73 255.255.255.248
    ip ospf network point-to-point
    standby 1 ip 10.2.11.75
    standby 1 priority 110
    standby 1 preempt
    interface GigabitEthernet1/2.37
    description **** ****
    encapsulation dot1Q 237
    ip vrf forwarding VRF37
    ip address 10.2.37.73 255.255.255.248
    ip ospf network point-to-point
    standby 1 ip 10.2.37.75
    standby 1 priority 110
    standby 1 preempt
    interface TenGigabitEthernet9/1.11
    description ****   ****
    encapsulation dot1Q 311
    ip vrf forwarding VRF11
    ip address 10.2.11.2 255.255.255.252
    ip ospf network point-to-point
    interface TenGigabitEthernet9/1.12
    description ****   ****
    encapsulation dot1Q 312
    ip vrf forwarding VRF12
    ip address 10.2.12.2 255.255.255.252
    ip ospf network point-to-point
    configuration in Distribution switch:
    interface TenGigabitEthernet9/1.11
    description ****  ****
    encapsulation dot1Q 311
    ip vrf forwarding VRF11
    ip address 10.2.11.1 255.255.255.252
    no ip route-cache
    ip ospf network point-to-point
    interface TenGigabitEthernet9/1.37
    description ********
    encapsulation dot1Q 337
    ip vrf forwarding VRF37
    ip address 10.2.37.1 255.255.255.252
    no ip route-cache
    ip ospf network point-to-point
    i  have seggregated  n/w like this. i am using inline vlan  pair , to pass all the traffic through the IDSM module ,
    i am using the monitoring port gi0/8
    config in core switch
    intrusion-detection module 8 data-port 2 trunk allowed-vlan 211-260,311-360
    IDSM
    physical-interfaces GigabitEthernet0/8
    subinterface-type inline-vlan-pair
    subinterface 11
    description
    vlan1 211
    vlan2 311
    exit
    subinterface 37
    description
    vlan1 237
    vlan2 337
    exit
    Problem i am facing is , some of the vlan-pair traffic passing through the IDSM some of the traffic are not passing , here i have given the statistics
    MAC statistics from interface GigabitEthernet0/8
       Statistics From Subinterface 11
          Statistics From Vlan 211
             Total Packets Received On This Vlan = 0
             Total Bytes Received On This Vlan = 0
             Total Packets Transmitted On This Vlan = 0
             Total Bytes Transmitted On This Vlan = 0
          Statistics From Vlan 311
             Total Packets Received On This Vlan = 0
             Total Bytes Received On This Vlan = 0
             Total Packets Transmitted On This Vlan = 0
             Total Bytes Transmitted On This Vlan = 0
    Statistics From Subinterface 37
          Statistics From Vlan 237
             Total Packets Received On This Vlan = 3189658726
             Total Bytes Received On This Vlan = 64165872092928
             Total Packets Transmitted On This Vlan = 3549575166
             Total Bytes Transmitted On This Vlan = 64165872092928
          Statistics From Vlan 337
             Total Packets Received On This Vlan = 3549575166
             Total Bytes Received On This Vlan = 64165872092928
             Total Packets Transmitted On This Vlan = 3189658726
             Total Bytes Transmitted On This Vlan = 64165872092928
       Statistics From Subinterface 38
          Statistics From Vlan 238
             Total Packets Received On This Vlan = 2215151150
             Total Bytes Received On This Vlan = 64165872092928
             Total Packets Transmitted On This Vlan = 126546964
             Total Bytes Transmitted On This Vlan = 64165866995200
          Statistics From Vlan 338
             Total Packets Received On This Vlan = 126546964
             Total Bytes Received On This Vlan = 64165866995200
             Total Packets Transmitted On This Vlan = 2215151150
             Total Bytes Transmitted On This Vlan = 64165872092928
    Give me idea experts , so that i can resolve this issue.
    Help me thanks in advance

    I believe the issue is because of the config below:
    interface GigabitEthernet1/2.11
    description **** ****
    encapsulation dot1Q 211
    ip vrf forwarding VRF11
    ip address 10.2.11.73 255.255.255.248
    ip ospf network point-to-point
    standby 1 ip 10.2.11.75
    standby 1 priority 110
    standby 1 preempt
    encapsulation dot1Q 311
    ip vrf forwarding VRF11
    ip address 10.2.11.2 255.255.255.252
    ip ospf network point-to-point
    interface TenGigabitEthernet9/1.12
    description ****   ****
    encapsulation dot1Q 312
    ip vrf forwarding VRF12
    ip address 10.2.12.2 255.255.255.252
    ip ospf network point-to-point
    As you can see we have 2 ip subnets in the VRF 11 .73 &  .2 in vlan 211 & 311 respectively.
    The switch is doing intervlan routing directly without having to go through the IDSM for VRF 11.
    What we need to remember is IDSM does not do routing, and it can only bridge vlans.
    Hence we have to force to packet to go through the IDSM.
    Here is what we do when we use IDSM to see traffic going between vlans.:
    Normally, with vlans, and IDSM inline mode, we have one IP subnet and 2 Vlans.
    IDSM2 in inline mode necessitates an additional artificial Vlan on the  SAME subnet as the Vlan you wish to sense.
    A layer 3 switch  interface  needs to be configured within this additional artificial Vlan.
    In a nutshell, we need to create 2 Vlans that share one same ip subnet and put SVI on only one of the Vlans.
    In your case you will need one ip between vlans 211 & 311 in VRF 11 to force the data to go through the IDSM.
    I can understand if this is a bit tricky to understand.
    Please go through my design document for IDSM inline mode, which explains the basic concepts and packet walk in detail.
    It will explain why we need the above and how arp makes the mac-address table populate correct entries, (with one ip subnet for 2 vlans) so that traffic goes through the IDSM.
    https://supportforums.cisco.com/docs/DOC-12206
    - Sid

  • HT201667 I rented a movie through itunes on my ipad and wanted to watch it with friends on a digital projector, but it wouldn't allow me to do it.  Is there any way around this?

    I  rented a movie through itunes on my ipad and wanted to watch it with friends on a digital projector, but it wouldn't allow me to do it.  Is there any way around this?

    The issue was that a dialogue box came up which said that I couldn't play this movie on another device.  I tried playing the same movie on an Tv with an HDMI connection attached to an adapter to the IPad and that worked.  I wonder if the problem is that the digital projector has a VGA connection.

  • When I play a movie through iTunes, audio has no issues but video stutters and skips

    Hey everyone,
    I have a Dell 17R, Windows 8 64 bit, intel i7-3630QM at 2.4 GHZ, 8gb ram, Nvidia GT-650M at 1920x1080 using driver 320.49
    When I play a movie in iTunes, the audio works flawlessly but the video will be smooth for a few seconds, stutter and then skip small 2-3 second spots. I haven't noticed that the parts skipped are any more graphically intense than other spots and there is no discernable pattern.
    In the past, I have been able to play movies through iTunes with absolutely no problem but when I downloaded this most recent one a few days ago all of my movies have been experiencing the same issue.
    When I stream other videos from other sources I do not experience the same problems as I do when I use iTunes. Streaming 1080P over youtube or a similar services is no issue.
    I have updated my video drivers to the latest version as well.
    I am at a loss, any suggestions would be appreciated.
    Thanks!

    Hi there,
    I would recommend taking a look at the troubleshooting steps found in the article below.
    Troubleshooting iTunes for Windows Vista or Windows 7 video playback performance issues
    http://support.apple.com/kb/TS1718
    -Griff W.

  • I bought a movie through my ATV and I am now trying to find it in my IPad. My problem is it only brings up music in the cloud and when I go to look on iTunes to renown load it, it wants me to buy it again. Anyway to get them on my IPad?

    Hello all,
    I recently bought a movie through my ATV. While I was working I tried looking for it on my IPad to watch , but was unable to locate it. I searched under the purchased section, but was only able to find my music. I went back onto ITunes to try an redownload it and it wanted me to purchase it again. There was also no warning with the movie eevn when I looked again about it not being available with the ICloud. With my tv shows such as The Walking Dead it would let me redownload it through ITunes. Anybody else have this problem?

    I also live in the United States so redownloading shouldn't be a problem.

  • How can I set firefox to stack my tabs one after the other so that I do not have to move through tabs using the buttons at the ends

    when I open multiple tabs which do not fit the tab strip I have to move through tabs using scroll buttons. is there any way way I can stack the tabs on each other or suggest me a add-on which can help me achieve this

    You can consider to access the tabs via the list all tabs button.
    You see the "List All Tabs" button in current Firefox versions if there are that many tabs open that you get the Tab bar scroll buttons appearing.
    * Permanent List-all-tabs Button: https://addons.mozilla.org/firefox/addon/permanent-listalltabs/
    The Custom Tab Width extension adds CSS rules to adjust the tab width settings as set by the browser.tabs.tabMinWidth and browser.tabs.tabMaxWidth prefs on the <b>about:config</b> page.
    * Custom Tab Width: https://addons.mozilla.org/firefox/addon/custom-tab-width/
    You can achieve the same with code in userChrome.css.
    The customization files userChrome.css (user interface) and userContent.css (websites) are located in the chrome folder in the Firefox profile folder.
    *http://kb.mozillazine.org/Editing_configuration
    <pre><nowiki>@namespace url("http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul"); /* only needed once */
    #tabbrowser-tabs ~ #alltabs-button { visibility:visible!important; }
    .tabbrowser-tab[fadein]:not([pinned]) { min-width: 100px !important; max-width: 250px !important; }
    </nowiki></pre>

  • I rented a movie through iTunes and it downloaded but won't play.

    I rented a movie through iTunes and it downloaded but won't play. It is present in the videos app but doesn't load the picture for the movie. When I go to play it, it just opens and then closes. There is an iCloud icon that suggests the movie has not Been downloaded and when I click it it says that the movie has already been rented but not downloaded and that I need to go to downloads to manage it. It is not present in my iTunes download page however. And when I go to rent it again all I get is a watch button that directs me back to the videos app with no way to watch it.

    Hi Refvoxa,
    Thanks for visiting Apple Support Communities.
    If you are not able to play or download a movie rental on your iPad, first restart your device:
    Restarting your device
    Press and hold the Sleep/Wake button for a few seconds until the red "slide to power off" slider appears, and then slide the slider.
    Press and hold the Sleep/Wake button until the Apple logo appears.
    Note: Reset your device only if you are unable to restart it.
    Resetting your device
    Press and hold the Sleep/Wake button and the Home button together for at least ten seconds, until the Apple logo appears.
    iOS: Turning off and on (restarting) and resetting
    http://support.apple.com/kb/ht1430
    After your iPad restarts, try resuming the download again:
    If your download was interrupted using your iPhone, iPad, or iPod touch
    From the Home screen, tap the iTunes app.
    For iPhone or iPod touch, tap More > Downloads. For iPad, tap Downloads.
    Enter your account name and password if prompted.
    Tap the blue download arrow to resume.
    iTunes: How to resume interrupted iTunes Store downloads
    http://support.apple.com/kb/HT1725
    If the movie still does not appear in Downloads, and can't be played, I recommend reporting the issue with your purchase:
    How to report an issue with your iTunes Store, App Store, Mac App Store, or iBookstore purchase
    http://support.apple.com/kb/HT1933
    Regards,
    Jeremy

  • Where are my purchased movies through iTunes stored on my PC?  I need to back-them up on a hard drive and then I want to play them on my iPad

    where are my purchased movies through iTunes stored on my PC?  I need to back-them up on a hard drive and then I want to play them on my iPad

    They're in the iTunes folder, in iTunes Media or iTunes Music depending on when your iTunes was first installed. The iTunes folder by default is in My Documents/Music.
    Regards.

  • Can you view movies through the mini-DVI output?

    Anyone know if you can watch rented movies on a TV with the mini-DVI output to video?

    Anyone have any feedback on whether or not you can output rented movies through the mini-DVI to watch on a television?

  • What cable do I need to be able to watch a movie through my regular LCD TV?

    what cable do I need to be able to watch a movie through my regular LCD TV?
    I've haven't got any of the other cables for my Retina display, and I've tried connecting my Mac to my TV via HDMI cable, but no sound comes out and apprently I need another cable...?

    Your HDMI output port should be carrying the audio signal to your television. If it's not, you can use a Thunderbolt->HDMI adapter that does carry sound, such as this one from Monoprice.
    Clinton

  • HT204291 I have iOS 6.0 installed. Im trying to mirror a rented movie from ipad to TV via apple TV. I can hear the movie through TV but not picture (which is still on ipad)

    I have iOS 6.0 installed. Im trying to mirror a rented movie from ipad to TV via apple TV. I can hear the movie through TV but not picture (which is still on ipad)

    Restart you iPad http://support.apple.com/kb/HT1430
    Restart your Apple TV http://support.apple.com/kb/HT3180
    Make sure AirPlay Mirroring is enabled http://support.apple.com/kb/HT5209

  • Does it always take hours to download a movie through the apple tv when you rent from I tunes

    Does it always take hours to download a movie through apple tv when renting a movies through itunes?

    This is dependent on your network connection. Check www.speedtest.net
    6mbps is required for instant HD rentals
    You can switch to SD in the settings if on a slower connection

  • We have a movie downloaded on a laptop connected to the internet pluged into our router in the basement and an apple tv upstairs trying to play the movie through home sharing but it wont play. can anyone tell me whats wrong?

    we have a movie downloaded on a laptop connected to the internet pluged into our router in the basement and an apple tv upstairs trying to play the movie through home sharing but it wont play. can anyone tell me whats wrong? it comes to the last loading page where it shows the desscription of the movie befor it acually plays.

    It can come about without any change done by the user, and it's not just from other networks. The placement of the router can also affect performance. Also make sure router is up to date.
    Apart from that would be the reboots.

Maybe you are looking for

  • Ipod cannot synchronise

    Hey, I just bought an iPod 30g and I had nothing but trouble. First I had iTunes 7.0 wich said there was an unknown error (-50) and i could not synchronise (or something). Now I have itunes 7.2 which says: The ipod can not be syncronised, the disk ca

  • Better to finish in 108050i or 108025p?

    HI! I'm working on a documentary shot mostly on a a 1080 50i HDV camera. Until recently, I was working in a 1080 50i HDV sequence (that is to say, I clicked yes when I inserted the first media into the timeline and FC asked me if sequence settings sh

  • P1606dn won't print multiple copies of Word 7 documents

    The P1606dn prints one copy despite the number of copies requested in the print box. This question was solved. View Solution.

  • Screen sharing is not listed in system prefernces?

    hi, I am trying to setup screen sharing so I can use my computer from iPod with vnc, I know I need to enable screen sharing from system prefs. But it wont give the option. this is what's listed: personal file sharing windows sharing personal web shar

  • India GAAP vs US GAAP

    Hi Please let me know how to configure India GAAP and US GAAP in SAP system. Provide me any referace documents. Thanks Babu