[Device] Cisco ASA FWSM Firewall 設定概說

inside outside對應到switch的vlan

例如inside vlan30, outside vlan60
switch port access vlan 30,這個port就是inside
switch port access vlan 60,這個port就是outside

但FWSM預設只予許一個side存取vlan
例如設定inside assign到vlan30, outside就下不下去(可能也認為outside直接接外網出去)
所以需要下面這指令FWSM的inside跟outside都能assign vlan
firewall multiple-vlan-interfaces

然後!!!!!
還要還要把vlan配給module (vlan assign  module)
ex:
firewall module 4 vlan-group 4,
firewall vlan-group 4  258




asdm的ios是要丟到哪個資料夾忘了