C H A P T E R 2 Configuring The Switch For The Firewall Services Module; Verifying The Module Installation; Assigning Vlans To The Firewall Services Module - Cisco 7604 Configuration Manual

Verifying the Module Installation

Some FWSM features interact with Cisco IOS features, and require specific Cisco IOS software
versions. See the
information. The following features involve Cisco IOS software, and are described in the feature
sections:
•
•
•
For Cisco IOS software Version 12.2(18)SX6 and earlier, for each FWSM in a switch, the SPAN
Note
reflector feature is enabled. This feature enables multicast traffic (and other traffic that requires central
rewrite engine) to be switched when coming from the FWSM. The SPAN reflector feature uses one
SPAN session. To disable this feature, enter the following command:
Router(config)# no monitor session servicemodule
Verifying the Module Installation
To verify that the switch acknowledges the FWSM and has brought it online, view the module
information using the following command:
Router> show module [mod-num | all]
The following is sample output from the show module command:
Router> show module
Mod Ports Card Type
--- ----- -------------------------------------- ------------------ -----------
1
2
3
4
The show module command shows six ports for the FWSM; these are internal ports that are grouped
Note
together as an EtherChannel. See the
for more information.

Assigning VLANs to the Firewall Services Module

This section describes how to assign VLANs to the FWSM. The FWSM does not include any external
physical interfaces. Instead, it uses VLAN interfaces. Assigning VLANs to the FWSM is similar to
assigning a VLAN to a switch port; the FWSM includes an internal interface to the Switch Fabric
Module (if present) or the shared bus.
See the switch documentation for information about adding VLANs to the switch and assigning them to
Note
switch ports.
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
2-2
"Switch Hardware and Software Compatibility" section on page A-1
Route Health Injection—See the
PISA integration—See the
section on page 21-4.
Virtual Switching System (VSS) support—No FWSM configuration required.
2 Catalyst 6000 supervisor 2 (Active)
48 48 port 10/100 mb RJ-45 ethernet
2 Intrusion Detection System
6 Firewall Module
Chapter 2 Configuring the Switch for the Firewall Services Module
"Configuring Route Health Injection" section on page
"Permitting or Denying Application Types with PISA Integration"
Model
WS-X6K-SUP2-2GE
WS-X6248-RJ-45
WS-X6381-IDS
WS-SVC-FWM-1
"Customizing the FWSM Internal Interface" section on page 2-8
for more
8-32.
Serial No.
SAD0444099Y
SAD03475619
SAD04250KV5
SAD062302U4
OL-20748-01