4-14
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide
OL-6392-01
Chapter 4 Configuring the Firewall Mode
Firewall Mode Overview
An Outside User Visits a Website on the Inside Network
Figure 4-3 shows an outside user accessing the inside website.
Figure 4-10 Outside to Inside
The steps below describe how data moves through the FWSM (see Figure 4-3):
1. A user on the outside network requests a web page from the inside website.
2. The FWSM receives the packet on VLAN 100 and, because it is a new session, it verifies that the
packet is allowed according to the terms of the security policy (ACLs, filters, AAA).
For multiple context mode, the FWSM first classifies the packet according to either a unique VLAN
or a unique destination address. In this case, the VLAN would be unique. For transparent firewall
mode, each context has a unique VLAN on the inside and outside, so the IP address would not be
considered.
3. The FWSM records that a session is established.
Host
VLAN 100
VLAN 200
209.165.201.2
Switch
Internet
209.165.201.1
209.165.200.230
Web Server
209.165.200.225
104694
FWSM
209.165.201.6
To Next Page
Loading...
Need help?
General