EasyManuals Logo
Home>Cisco>Switch>Catalyst 6500 Series

Cisco Catalyst 6500 Series User Manual

Cisco Catalyst 6500 Series
392 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #338 background imageLoading...
Page #338 background image
B-4
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
OL-6392-01
Appendix B Sample Configurations
Routed Mode Examples
static (inside,outside) 209.165.201.30 10.1.1.75 netmask 255.255.255.255 [
The host at
10.1.1.75 has access to the Websense server in Customer C, so it needs a static
translation for use in Customer C’s ACL
]
access-list INTERNET extended permit ip any any
access-group INTERNET in interface inside [
Allows all inside hosts to access the outside
for any IP traffic
]
Example 1: Customer A Context Configuration
nameif vlan3 outside security0
nameif vlan5 inside security100
passwd hell0!
enable password enter55
ip address outside 209.165.201.3 255.255.255.224
ip address inside 10.1.2.1 255.255.255.0
route outside 0 0 209.165.201.1 1
route inside 192.168.1.0 255.255.255.0 10.1.2.2 1 [
The Customer A context has a second
network behind an inside router that requires a static route. All other traffic is handled
by the default route pointing to the MSFC.
]
nat (inside) 1 10.1.2.0 255.255.255.0
global (outside) 1 interface [
This context uses dynamic PAT for inside users that access
that outside. The outside interface address is used for the PAT address
]
access-list INTERNET extended permit ip any any
access-group INTERNET in interface inside [
Allows all inside hosts to access the outside
for any IP traffic
]
Example 1: Customer B Context Configuration
nameif vlan3 outside security0
nameif vlan6 inside security100
passwd tenac10us
enable password defen$e
ip address outside 209.165.201.4 255.255.255.224
ip address inside 10.1.3.1 255.255.255.0
route outside 0 0 209.165.201.1 1
nat (inside) 1 10.1.3.0 255.255.255.0
global (outside) 1 209.165.201.9 netmask 255.255.255.255 [
This context uses dynamic PAT
for inside users that access the outside
]
access-list INTERNET extended permit tcp any any eq http
access-list INTERNET extended permit tcp any any eq https
access-group INTERNET in interface inside [
Inside users can only access HTTP and HTTPS
servers on the outside
]
Example 1: Customer C Context Configuration
nameif vlan3 outside security0
nameif vlan7 inside security100
nameif vlan8 dmz security50
passwd fl0wer
enable password treeh0u$e
ip address outside 209.165.201.5 255.255.255.224
ip address inside 10.1.4.1 255.255.255.0
ip address dmz 192.168.2.1 255.255.255.0
route outside 0 0 209.165.201.1 1
url-server (dmz) vendor websense host 192.168.2.2 url-block block 50
url-cache dst 128

Table of Contents

Other manuals for Cisco Catalyst 6500 Series

Preview: Command Reference
Command Reference160 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Configuration Note
Configuration Note212 pages
Preview: Installation Note
Installation Note36 pages
Preview: Hardware Installation Guide
Hardware Installation Guide134 pages
Preview: Troubleshooting
Troubleshooting10 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 6500 Series and is the answer not in the manual?

Cisco Catalyst 6500 Series Specifications

General IconGeneral
BrandCisco
ModelCatalyst 6500 Series
CategorySwitch
LanguageEnglish

Related product manuals