Chapter 2
Configuring the Switch for the Firewall Services Module
However, you might need to bypass the FWSM in some network scenarios.
host on the same Ethernet segment as IP hosts. Because the FWSM in routed firewall mode only handles
IP traffic and drops other protocol traffic like IPX (transparent firewall mode can optionally allow non-IP
traffic), you might want to bypass the FWSM for IPX traffic. Make sure to configure the MSFC with an
ACL that allows only IPX traffic to pass on VLAN 201.
Figure 2-2
Switch
VLAN 201
OL-6392-01
Multiple SVIs for IPX
Internet
VLAN 100
MSFC
VLAN 200
FWSM
VLAN 201
IPX Host
IP Host
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
Inside
Adding Switched Virtual Interfaces to the MSFC
Figure 2-2
shows an IPX
2-7