Cisco Catalyst 6500 Series Configuration Manual page 347

Appendix B Sample Configurations
the configuration on the FWSM using the write terminal, show startup, or show running commands,
the mode displays after the FWSM Version (blank means single mode, "<system>" means you are in
multiple mode in the system configuration, and <context> means you are in multiple mode in a context).
hostname primary
enable password farscape
password crichton
failover lan interface faillink vlan 10
failover link statelink vlan 11
failover lan unit primary
failover interface ip faillink 192.168.253.1 255.255.255.252 standby 192.168.253.2
failover interface ip statelink 192.168.253.5 255.255.255.252 standby 192.168.253.6
failover interface-policy 50%
failover replication http
failover
admin-context contexta
context contexta
context contextb
context contextc
Example 4: Context A Configuration (Primary)
nameif vlan200 outside security0
nameif vlan201 inside security100
passwd secret1969
enable password h1andl0
ip address outside 209.165.201.2 255.255.255.224 standby 209.165.201.6
ip address inside 10.0.3.1 255.255.255.0 standby 10.0.3.2
monitor-interface inside
monitor-interface outside
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
global (outside) 1 209.165.201.10 netmask 255.255.255.224 [ This context uses dynamic PAT
for inside users that access the outside ]
route outside 0 0 209.165.201.5 1
telnet 10.0.3.75 255.255.255.255 inside
access-list INTERNET extended permit ip any any
access-group INTERNET in interface inside [ Allows all inside hosts to access the outside
for any IP traffic ]
Example 4: Context B Configuration (Primary)
nameif vlan200 outside security0
nameif vlan202 inside security100
passwd secret1978
enable password 7samura1
ip address outside 209.165.201.4 255.255.255.224 standby 209.165.201.8
ip address inside 10.0.2.1 255.255.255.0 standby 10.0.2.2
monitor-interface inside
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
global (outside) 1 209.165.201.11 netmask 255.255.255.224 [ This context uses dynamic PAT
for inside users that access the outside ]
route outside 0 0 209.165.201.5 1
OL-6392-01
allocate-interface vlan200
allocate-interface vlan201
config-url disk://contexta.cfg
allocate-interface vlan200
allocate-interface vlan202
config-url ftp://admin:passw0rd@10.0.3.16/contextb.cfg
allocate-interface vlan200
allocate-interface vlan203
config-url ftp://admin:passw0rd@10.0.3.16/contextc.cfg
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
Routed Mode Examples
B-13