To Next Page

To Previous Page

11-12

Catalyst 6500 Series Content Switching Module Configuration Note

OL-4612-01

Chapter 11 Configuring Firewall Load Balancing

Configuring Stealth Firewall Load Balancing

Configuring CSM B (Stealth Firewall Example)

To create the regular configuration example, perform the following configuration tasks for CSM B:

• Creating VLANs on Switch B, page 11-12

• Configuring VLANs on CSM B, page 11-13

• Configuring Server Farms on CSM B, page 11-13

• Configuring Virtual Servers on CSM B, page 11-15

Note Although the configuration tasks are the same for both CSM A and CSM B, the steps, commands, and

parameters that you enter are different.

Creating VLANs on Switch B

To create three VLANs on Switch B, perform this task:

Note This example assumes that the CSMs are in separate Catalyst 6500 series switches. If they are in the

same chassis, you can create all of the VLANs on the same Catalyst 6500 series switch console.

Step 15

Switch-A(config-slb-vserver)# virtual

10.1.0.0 255.255.255.0 any

Specifies the IP address, netmask, and protocol (any)

for this virtual server. Clients reach the server farm

represented by this virtual server through this

address.

Step 16

Switch-A(config-slb-vserver))# vlan 10

Specifies that the virtual server will only accept

traffic arriving on VLAN 10, which is traffic arriving

from the Internet.

Step 17

Switch-A(config-slb-vserver)# serverfarm

TO-INSIDE-SF

Specifies the server farm for this virtual server

Step 18

Switch-A(config-slb-vserver)# inservice

Enables the virtual server.

1. FORWARD-V101 allows Internet traffic to reach the insecure side of the firewalls (through VLAN 101).

2. Client matching is only limited by VLAN restrictions. (See Step 4.)

3. This server farm is actually a forwarding predictor rather than an actual server farm containing real servers.

4. FORWARD-V103 allows Internet traffic to reach the insecure side of the firewalls (through VLAN 103).

5. Clients will always match–only being limited by VLAN restrictions. (See Step 10.)

6. OUTSIDE-VS allows traffic from the Internet to reach CSM A (through VLAN 10).

7. The server farm contains the alias IP addresses of CSM B that lie along the path of Firewall 1 and Firewall 2.

Command Purpose

Step 1

Switch-B(config)# vlan

Enters the VLAN mode

1. Do this step on the switch console of the switch that contains CSM B.

Step 2

Switch-B(vlan)# vlan 102

Creates VLAN 102

2. VLAN 102 provides a connection through Firewall 1 to CSM A.

Step 3

Switch-B(vlan)# vlan 104

Creates VLAN 104

Step 4

Switch-B(vlan)# vlan 200

Creates VLAN 200

Brand	Cisco
Model	Catalyst 6500 Series
Category	Switch
Language	English

Cisco Catalyst 6500 Series Configuration Note

Table of Contents

Other manuals for Cisco Catalyst 6500 Series

Questions and Answers:

Cisco Catalyst 6500 Series Specifications

Related product manuals