Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide, 3.2
About This Guide
Download this chapter
About This GuideAbout This Guide
Download the complete book
Book-Level PDF: Firewall Services Module Configuration Guide, 3.2Book-Level PDF: Firewall Services Module Configuration Guide, 3.2 (PDF - 18 MB)
 Feedback

Table Of Contents

About This Guide

Audience

Objectives

Organization

Document Conventions

Related Documentation

Obtaining Documentation and Submitting a Service Request


About This Guide

This preface describes the objectives and organization of this document and explains how to find additional information on related products and services.

This preface includes the following sections:

Audience

Objectives

Organization

Document Conventions

Related Documentation

Obtaining Documentation and Submitting a Service Request

Audience

This guide is for network managers who perform any of the following tasks:

Managing network security

Installing and configuring firewalls

Managing default and static routes, and TCP and UDP services

Objectives

This document contains instructions and procedures for configuring the Firewall Services Module (FWSM) 3.2, a single-width services module supported on the Catalyst 6500 switch and the Cisco 7600 router, using the command-line interface. FWSM protects your network from unauthorized use. This guide does not cover every feature, but describes only the most common configuration scenarios.

You can also configure and monitor the FWSM by using ASDM, a web-based GUI application. ASDM includes configuration wizards to guide you through some common configuration scenarios, and online Help for less common scenarios. For more information, see:

http://www.cisco.com/en/US/docs/security/asdm/6_1f/user/guide/usrguide.html

Organization

This document contains the following chapters:

Chapter
Title
Description
1

Introduction to the Firewall Services Module

Provides a high-level overview of the FWSM.

2

Configuring the Switch for the Firewall Services Module

Describes how to configure the switch for use with the FWSM.

3

Connecting to the Firewall Services Module and Managing the Configuration

Describes how to access the command-line interface and work with the configuration.

4

Configuring Security Contexts

Describes how to use security contexts and enable multiple context mode.

5

Configuring the Firewall Mode

Describes in detail the two operation modes of the FWSM, routed and transparent mode, and how data is handled differently with each mode.

6

Configuring Interface Parameters

Describes how to configure the interface name, security level, and IP address. It also describes how to configure bridge groups for transparent firewall mode interfaces.

7

Configuring Basic Settings

Describes how to configure basic settings that are typically required for a functioning configuration.

8

Configuring IP Routing and DHCP Services

Describes how to configure IP routing and DHCP.

9

Configuring IPv6

Describes how to enable and configure IPv6.

10

Identifying Traffic with Access Lists

Describes how to identify traffic with access lists.

11

Permitting or Denying Network Access

Describes how to control network access through the FWSM using access lists.

12

Configuring NAT

Describes how address translation is performed.

13

Configuring Failover

Describes the failover feature, which lets you configure two FWSMs so that one will take over operation if the other one fails.

14

Configuring AAA Servers and the Local Database

Describes how to configure AAA servers and the local database.

15

Applying AAA for Network Access

Describes how to enable AAA for network access.

16

Applying Filtering Services

Describes ways to filter web traffic to reduce security risks or prevent inappropriate use.

17

Configuring ARP Inspection and Bridging Parameters

Describes how to enable ARP inspection and how to customize bridging operations.

18

Using Modular Policy Framework

Describes how to use the Modular Policy Framework to create security policies for TCP, general connection settings, and inspection.

19

Configuring Advanced Connection Features

Describes how to configure connection features.

20

Applying Application Layer Protocol Inspection

Describes how to use and configure application inspection.

21

Configuring Management Access

Describes how to access the FWSM for system management through Telnet, SSH, HTTPS, and VPN.

22

Managing Software, Licenses, and Configurations

Describes how to enter license keys and download software and configurations files.

23

Monitoring the Firewall Services Module

Describes how to monitor the FWSM.

24

Troubleshooting the Firewall Services Module

Describes how to troubleshoot the FWSM.

A

Specifications

Describes the FWSM specifications.

B

Sample Configurations

Describes a number of common ways to implement the FWSM.

C

Using the Command-Line Interface

Describes how to use the CLI to configure the FWSM.

D

Mapping MIBs to CLI Commands

Lists MIB objects and the equivalent CLI commands.

E

Addresses, Protocols, and Ports

Provides a quick reference for IP addresses, protocols, and applications.

 

Glossary

Provides a glossary for terms used in this guide.

 

Index

Provides an index for this guide.


Document Conventions

The FWSM command syntax descriptions use the following conventions:

Command descriptions use these conventions:

Braces ({ }) indicate a required choice.

Square brackets ([ ]) indicate optional elements.

Vertical bars ( | ) separate alternative, mutually exclusive elements.

Boldface indicates commands and keywords that are entered literally as shown.

Italics indicate arguments for which you supply values.

Examples use these conventions:

Examples depict screen displays and the command line in screen font.

Information you need to enter in examples is shown in boldface screen font.

Variables for which you must supply a value are shown in italic screen font.

Examples might include output from different platforms; for example, you might not recognize an interface type in an example because it is not available on your platform. Differences should be minor.

Note Means reader take note. Notes contain helpful suggestions or references to material not covered in the manual.

For information on modes, prompts, and syntax, see "Using the Command-Line Interface."

Related Documentation

For more information, see the following documentation:

Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Command Reference

Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Logging Configuration and System Log Messages

Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Installation Note

Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Release Notes

Obtaining Documentation and Submitting a Service Request

For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:

http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html

Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.