5-5
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
OL-6392-01
Chapter 5 Managing Security Contexts
Security Context Overview
For transparent firewalls, interfaces do not have IP addresses, so you must use unique VLANs (see
Figure 5-3):
Figure 5-3 Transparent Firewall Contexts
IP Routing Support
Security contexts support only static routes. You cannot enable OSPF or RIP in multiple context mode.
Sharing Resources and Interfaces Between Contexts
The FWSM allows you to share an interface between contexts. Typically in routed mode, you share the
outside interface to conserve VLANs. You can also share inside VLANs to share resources between
contexts, or you can place the shared resource on a single context and provide access to that resource to
other contexts.
This section includes the following topics:
• Sharing Resources, page 5-6
• Shared Interface Limitations, page 5-7
Same subnet on
inside and outside
VLANs
Inside
Customer A
Inside
Customer B
Inside
Customer C
Context A Context B Context C
VLAN 204VLAN 203VLAN 202
VLAN 100
Switch
Internet
Admin
Network
Admin
Context
VLAN 201
VLAN 153VLAN 150
VLAN 152VLAN 151
104668
To Next Page
Loading...
Need help?
General