11-4
Catalyst 6500 Series Content Switching Module Configuration Note
OL-4612-01
Chapter 11 Configuring Firewall Load Balancing
Understanding How Firewalls Work
Figure 11-1 Stealth Firewall Configuration (Dual CSMs Only)
In Figure 11-2, traffic moves through the firewalls and is filtered in both directions. The figure shows
the flow from the Internet to the intranet. VLANs 11 and 111 are on the same subnet, and
VLANs 12 and 112 are on the same subnet.
Figure 11-2 Regular Firewall Configuration (Dual CSMs)
In Figure 11-3, traffic moves through the firewalls and is filtered in both directions. The figure shows
only the flow from the Internet to the intranet, and VLANs 11 and 111 are on the same subnet.
VLANs 12 and 112 are on the same subnet.
VLAN 100
100.0.0.2
VLAN 5
10.5.0.2
Catalyst 6500
CSM-A
IP address
200.20.0.10
IP address
200.0.0.4
Alias
IP address
10.5.0.100
Alias
IP address
10.6.0.100
Alias
IP address
10.7.0.100
IP address
100.0.0.3
Catalyst 6500
CSM-B
Alias
IP address
10.5.0.200
Alias
IP address
10.6.0.200
Alias
IP address
10.7.0.200
IP address
200.0.0.3
Internet
Intranet
VLAN 6
10.6.0.2
VLAN 7
10.7.0.2
VLAN 15
10.5.0.3
VLAN 16
10.6.0.3
VLAN 200
200.0.0.2
Router
Firewalls
63905
VLAN 17
10.7.0.3
VLAN 11
25.0.11.10
Catalyst 6500
CSM-A
IP address
25.0.11.20
IP address
25.0.11.20
Catalyst 6500
CSM-B
IP address
25.0.12.20
IP address
25.0.12.20
Internet
63906
IP address
25.0.21.1
IP address
25.0.12.1
Intranet
VLAN 200
25.0.12.10
Router
VLAN 111
25.0.11.10
IP address
25.0.11.50
IP address
25.0.11.51
IP address
25.0.11.52
IP address
25.0.12.50
IP address
25.0.12.51
IP address
25.0.12.52
Firewalls
VLAN 112
25.0.12.10
To Next Page
Loading...
Need help?
General