Cisco Cisco Catalyst 6500 Series 7600 Series ASA Services Module Guide De Montage
11
Figure 1
Multiple SVI Misconfiguration
You might need to bypass the ASASM in some network scenarios.
shows an IPX host on the same Ethernet segment as
IP hosts. Because the ASASM in routed firewall mode only handles IP traffic and drops other protocol traffic like IPX
(transparent firewall mode can optionally allow non-IP traffic), you might want to bypass the ASASM for IPX traffic. Make
sure that you configure the MSFC with an access list that allows only IPX traffic to pass on VLAN 201.
(transparent firewall mode can optionally allow non-IP traffic), you might want to bypass the ASASM for IPX traffic. Make
sure that you configure the MSFC with an access list that allows only IPX traffic to pass on VLAN 201.
Figure 2
Multiple SVIs for IPX
ASA SM
MSFC
VLAN 200
VLAN 100
VLAN 201
VLAN 201
Inside
249952
Internet
ASA SM
MSFC
Inside
VLAN 200
VLAN 100
VLAN 201
VLAN 201
IPX Host
IP Host
249953
Internet