Cisco Cisco Catalyst 6500 Series Firewall Services Module Release Notes

The FWSM supports the following licensed features:

Multiple security contexts. The FWSM supports two virtual contexts plus one admin context for a 
total of three security contexts without a license. For more than three contexts, obtain one of the 
following licenses:

20

50

100

250

BGP stub support.

GTP/GPRS support.

See the following limitations and restrictions on the FWSM:

The following features are not supported when you use TCP state bypass: 

Application inspection—Application inspection requires both inbound and outbound traffic to 
go through the same FWSM, so application inspection is not supported with TCP state bypass. 

AAA authenticated sessions—When a user authenticates with one FWSM, traffic returning via 
the other FWSM will be denied because the user did not authenticate with that FWSM.

Multiple context mode does not support most dynamic routing protocols. BGP stub mode is 
supported. Security contexts support only static routes or BGP stub mode. You cannot enable OSPF 
or RIP in multiple context mode.

TCP State Bypass

If you have asymmetric routing configured on upstream routers, and traffic alternates between 
two FWSMs, then you can configure TCP state bypass for specific traffic.

Connection Timeouts For 
Non-TCP Traffic On A 
Per-flow Basis

You can now configure connection timeouts for non-TCP traffic using Modular Policy 
Framework. Formerly, you could only set global timeouts.

IOS Support For Autostate 
Messaging For Rapid Link 
Failure Detection

Using Catalyst operating system software Release 8.4(1) and higher or Cisco IOS software 
Release 12.2(18)SXF5 and higher, the supervisor engine can send autostate messages to the 
FWSM about the status of physical interfaces associated with FWSM VLANs.

SNMP Enhancement

SNMP CLI, MIB and trap enhancements have been added in Release 3.2(1).

DHCP Relay per interface

An option is provided to the user to configure DHCP helper addresses on a per-interface basis

.