Re: [c-nsp] 6509 ACE/FWSM Modules??????????
I would say for Design reference this is really good and informativeyou might wana take a look at it http://www.cisco.com/application/pdf/en/us/guest/netsol/ns376/c649/ccmig ration_09186a008078de90.pdf your first puzzle will be the logical placement of the module and the devices and the modes they are to operate, as the case is always : it depends but take a look at the file above. HTH Hash -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nihar Mehta Sent: Monday, August 04, 2008 8:22 AM To: Teller, Robert Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 6509 ACE/FWSM Modules?? Cisco has published the following for design with ACE and FWSM. http://www.cisco.com/univercd/cc/td/doc/solution/*ace*_*fwsm*.pdf - Nihar On Tue, Jul 29, 2008 at 3:49 PM, Teller, Robert [EMAIL PROTECTED]wrote: I am working on implementing two 6509 chassis setup using vss and ace/fwsm modules. Anyone know of any good books for the ACE and FWSM modules? # The information contained in this e-mail and subsequent attachments may be privileged, confidential and protected from disclosure. This transmission is intended for the sole use of the individual and entity to whom it is addressed. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this message in error, please e-mail the sender at the above e-mail address. # ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6509 ACE/FWSM Modules??????????
Cisco has published the following for design with ACE and FWSM. http://www.cisco.com/univercd/cc/td/doc/solution/*ace*_*fwsm*.pdf - Nihar On Tue, Jul 29, 2008 at 3:49 PM, Teller, Robert [EMAIL PROTECTED]wrote: I am working on implementing two 6509 chassis setup using vss and ace/fwsm modules. Anyone know of any good books for the ACE and FWSM modules? # The information contained in this e-mail and subsequent attachments may be privileged, confidential and protected from disclosure. This transmission is intended for the sole use of the individual and entity to whom it is addressed. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this message in error, please e-mail the sender at the above e-mail address. # ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6509 ACE/FWSM Modules??????????
I am working on implementing two 6509 chassis setup using vss and ace/fwsm modules. Anyone know of any good books for the ACE and FWSM modules? Neither ACE nor FWSM is currently supported in a Catalyst 6500 running VSS. The NAM is the only service module supported today. (See the VSS Config Guide on http://tinyurl.com/yqg97w) You will need to run the 6500s in a standard HSRP / STP setup. -A ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6509 ACE/FWSM Modules??????????
FWSM is supported with 12.2(33)SXI On Thu, Jul 31, 2008 at 3:25 AM, Asbjorn Hojmark - Lists [EMAIL PROTECTED]wrote: I am working on implementing two 6509 chassis setup using vss and ace/fwsm modules. Anyone know of any good books for the ACE and FWSM modules? Neither ACE nor FWSM is currently supported in a Catalyst 6500 running VSS. The NAM is the only service module supported today. (See the VSS Config Guide on http://tinyurl.com/yqg97w) You will need to run the 6500s in a standard HSRP / STP setup. -A ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6509 ACE/FWSM Modules??????????
Can someone clarify the PAGP problem ? I had a discussion with someone of Cisco for a new design in one of our datarooms and we had chosen a VSS solution with dual 3750E stacks and 20Gig uplinks in each rack to the VSS chassis for max redundantie. According to our Cisco contact, this was a working solution. If however it is impossible to make channels between a 3750E cluster and both switches in a VSS, the complete design has to be redone... Wim Holemans Network Services University of Antwerp -Original Message- From: Mike Louis [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 6:19 PM To: Teller, Robert; Tony Varriale; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] 6509 ACE/FWSM Modules?? Last time I checked the 3750 did not support the pagp extensions for vss. You would get an stp loop if you tried. Has this support changed? ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6509 ACE/FWSM Modules??????????
FWSM is supported with 12.2(33)SXI I think you meant to write: 'FWSM *will be* supported in SXI'. Yes, SXI should ship sometime soon and will add new hardware support. It will also add tons of new features and likely a lot of new bugs. Whether one is willing to be one of the first to use it in production in a data center... well YMMV. And it's not here today. -A ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6509 ACE/FWSM Modules??????????
Should work fine (though, admittedly, I haven't deployed this config). The purpose of PAgP+ is to provide dual-active detection should the VSL between your VSS pair fail. If your devices don't support PAgP+, you need to configure a dedicated link to perform this detection instead. See http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps9336/prod_white_paper0900aecd806ee2ed_ps2797_Products_White_Paper.html Holemans Wim wrote: Can someone clarify the PAGP problem ? I had a discussion with someone of Cisco for a new design in one of our datarooms and we had chosen a VSS solution with dual 3750E stacks and 20Gig uplinks in each rack to the VSS chassis for max redundantie. According to our Cisco contact, this was a working solution. If however it is impossible to make channels between a 3750E cluster and both switches in a VSS, the complete design has to be redone... Wim Holemans Network Services University of Antwerp -Original Message- From: Mike Louis [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 6:19 PM To: Teller, Robert; Tony Varriale; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] 6509 ACE/FWSM Modules?? Last time I checked the 3750 did not support the pagp extensions for vss. You would get an stp loop if you tried. Has this support changed? ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6509 ACE/FWSM Modules??????????
I am going for a collapsed core design and using 4948's for top of rack access. From: Mike Louis [mailto:[EMAIL PROTECTED] Sent: Tue 7/29/2008 7:56 PM To: Teller, Robert; Tony Varriale; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] 6509 ACE/FWSM Modules?? When you have the vss core what will you attach to it from the dist\access layers? How will they attach to the vss core? -Original Message- From: Teller, Robert [EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 10:06 PM To: Mike Louis [EMAIL PROTECTED]; Tony Varriale [EMAIL PROTECTED]; cisco-nsp@puck.nether.net cisco-nsp@puck.nether.net Subject: RE: [c-nsp] 6509 ACE/FWSM Modules?? I will be replacing the 3750 with the 6509's -Original Message- From: Mike Louis [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 6:19 PM To: Teller, Robert; Tony Varriale; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] 6509 ACE/FWSM Modules?? Last time I checked the 3750 did not support the pagp extensions for vss. You would get an stp loop if you tried. Has this support changed? -Original Message- From: Teller, Robert [EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 7:42 PM To: Tony Varriale [EMAIL PROTECTED]; cisco-nsp@puck.nether.net cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 6509 ACE/FWSM Modules?? My plan is to collapse my core switch(3750), pix, and css devices into two 6509's with the fwsm/ace/Gig-e modules. I am just trying to decide the best way to segregate the internal lan and middle tier dmz's. -Original Message- From: Tony Varriale [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 4:27 PM To: Teller, Robert; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 6509 ACE/FWSM Modules?? If you want something somewhat Cisco centric, the Networkers slides on the ACE blades are ok. They cover some nice basics about load balancing and about the ACE blades. For FWSM, the Cisco docs are decent. The code is almost the same as on the pix/asa. So the Cisco Press firewall book would do well. tv - Original Message - From: Teller, Robert [EMAIL PROTECTED] To: Tony Varriale [EMAIL PROTECTED]; cisco-nsp@puck.nether.net Sent: Tuesday, July 29, 2008 6:19 PM Subject: RE: [c-nsp] 6509 ACE/FWSM Modules?? Yeah I am going to have a contractor come in for a day to work on some of the best practices type stuff but was looking for a book to read on the side. -Original Message- From: Tony Varriale [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 4:11 PM To: Teller, Robert; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 6509 ACE/FWSM Modules?? Sorry, VSS and those modules are not supported yet. The ACE and FWSM blades are somewhat complex. I would recommend piggy-backing on someone that has experience. tv - Original Message - From: Teller, Robert [EMAIL PROTECTED] To: cisco-nsp@puck.nether.net Sent: Tuesday, July 29, 2008 5:49 PM Subject: [c-nsp] 6509 ACE/FWSM Modules?? I am working on implementing two 6509 chassis setup using vss and ace/fwsm modules. Anyone know of any good books for the ACE and FWSM modules? # The information contained in this e-mail and subsequent attachments may be privileged, confidential and protected from disclosure. This transmission is intended for the sole use of the individual and entity to whom it is addressed. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this message in error, please e-mail the sender at the above e-mail address. # ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ Note: This message and any attachments is intended solely for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, legally privileged, confidential, and/or exempt from disclosure. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the original sender immediately by telephone or return email and destroy or delete this message along with any attachments immediately. Note: This message and any attachments is intended solely for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, legally
Re: [c-nsp] 6509 ACE/FWSM Modules??????????
My plan is to collapse my core switch(3750), pix, and css devices into two 6509's with the fwsm/ace/Gig-e modules. I am just trying to decide the best way to segregate the internal lan and middle tier dmz's. Our experience with 6500/7600 and IOS support makes this look like a bad plan. [...] Historic precedence shows that all 6500/7600 blades that are not ethernet based have a fairly short life experience (or won't be supported in whatever chassis you have, you always need the other one). Much agreed. Unless you need the throughput on the modules, an ASA and ACE 4710 strapped to the 3750 stack will likely be cheaper, easier to manage (the only management gain with ACE-M and FWSM is power control), have better availability characteristics and leave your options for redeployment and future upgrades wide open. With the leftover budget, start swapping in 3750E's and you'd be in great shape. Based on past performance, unless you intend to deploy this and leave it untouched until you forklift everything but the chassis. The really cute part is that support will be _effectively_ dropped well before Cisco issues an EOS notice. (Just one example is that Cisco will still sell you a new CSM, though don't put it in a SXH switch (which a 720C requires), as it will be powered down due to being unsupported while still preserving all of the CLI's.) ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6509 ACE/FWSM Modules??????????
I already have the hardware and I am prepping for migration. -Original Message- From: Kevin Graham [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 30, 2008 9:57 AM To: Gert Doering; Teller, Robert Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 6509 ACE/FWSM Modules?? My plan is to collapse my core switch(3750), pix, and css devices into two 6509's with the fwsm/ace/Gig-e modules. I am just trying to decide the best way to segregate the internal lan and middle tier dmz's. Our experience with 6500/7600 and IOS support makes this look like a bad plan. [...] Historic precedence shows that all 6500/7600 blades that are not ethernet based have a fairly short life experience (or won't be supported in whatever chassis you have, you always need the other one). Much agreed. Unless you need the throughput on the modules, an ASA and ACE 4710 strapped to the 3750 stack will likely be cheaper, easier to manage (the only management gain with ACE-M and FWSM is power control), have better availability characteristics and leave your options for redeployment and future upgrades wide open. With the leftover budget, start swapping in 3750E's and you'd be in great shape. Based on past performance, unless you intend to deploy this and leave it untouched until you forklift everything but the chassis. The really cute part is that support will be _effectively_ dropped well before Cisco issues an EOS notice. (Just one example is that Cisco will still sell you a new CSM, though don't put it in a SXH switch (which a 720C requires), as it will be powered down due to being unsupported while still preserving all of the CLI's.) # The information contained in this e-mail and subsequent attachments may be privileged, confidential and protected from disclosure. This transmission is intended for the sole use of the individual and entity to whom it is addressed. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this message in error, please e-mail the sender at the above e-mail address. # ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6509 ACE/FWSM Modules??????????
Sorry, VSS and those modules are not supported yet. The ACE and FWSM blades are somewhat complex. I would recommend piggy-backing on someone that has experience. tv - Original Message - From: Teller, Robert [EMAIL PROTECTED] To: cisco-nsp@puck.nether.net Sent: Tuesday, July 29, 2008 5:49 PM Subject: [c-nsp] 6509 ACE/FWSM Modules?? I am working on implementing two 6509 chassis setup using vss and ace/fwsm modules. Anyone know of any good books for the ACE and FWSM modules? # The information contained in this e-mail and subsequent attachments may be privileged, confidential and protected from disclosure. This transmission is intended for the sole use of the individual and entity to whom it is addressed. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this message in error, please e-mail the sender at the above e-mail address. # ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6509 ACE/FWSM Modules??????????
Yeah I am going to have a contractor come in for a day to work on some of the best practices type stuff but was looking for a book to read on the side. -Original Message- From: Tony Varriale [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 4:11 PM To: Teller, Robert; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 6509 ACE/FWSM Modules?? Sorry, VSS and those modules are not supported yet. The ACE and FWSM blades are somewhat complex. I would recommend piggy-backing on someone that has experience. tv - Original Message - From: Teller, Robert [EMAIL PROTECTED] To: cisco-nsp@puck.nether.net Sent: Tuesday, July 29, 2008 5:49 PM Subject: [c-nsp] 6509 ACE/FWSM Modules?? I am working on implementing two 6509 chassis setup using vss and ace/fwsm modules. Anyone know of any good books for the ACE and FWSM modules? # The information contained in this e-mail and subsequent attachments may be privileged, confidential and protected from disclosure. This transmission is intended for the sole use of the individual and entity to whom it is addressed. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this message in error, please e-mail the sender at the above e-mail address. # ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6509 ACE/FWSM Modules??????????
If you want something somewhat Cisco centric, the Networkers slides on the ACE blades are ok. They cover some nice basics about load balancing and about the ACE blades. For FWSM, the Cisco docs are decent. The code is almost the same as on the pix/asa. So the Cisco Press firewall book would do well. tv - Original Message - From: Teller, Robert [EMAIL PROTECTED] To: Tony Varriale [EMAIL PROTECTED]; cisco-nsp@puck.nether.net Sent: Tuesday, July 29, 2008 6:19 PM Subject: RE: [c-nsp] 6509 ACE/FWSM Modules?? Yeah I am going to have a contractor come in for a day to work on some of the best practices type stuff but was looking for a book to read on the side. -Original Message- From: Tony Varriale [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 4:11 PM To: Teller, Robert; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 6509 ACE/FWSM Modules?? Sorry, VSS and those modules are not supported yet. The ACE and FWSM blades are somewhat complex. I would recommend piggy-backing on someone that has experience. tv - Original Message - From: Teller, Robert [EMAIL PROTECTED] To: cisco-nsp@puck.nether.net Sent: Tuesday, July 29, 2008 5:49 PM Subject: [c-nsp] 6509 ACE/FWSM Modules?? I am working on implementing two 6509 chassis setup using vss and ace/fwsm modules. Anyone know of any good books for the ACE and FWSM modules? # The information contained in this e-mail and subsequent attachments may be privileged, confidential and protected from disclosure. This transmission is intended for the sole use of the individual and entity to whom it is addressed. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this message in error, please e-mail the sender at the above e-mail address. # ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6509 ACE/FWSM Modules??????????
My plan is to collapse my core switch(3750), pix, and css devices into two 6509's with the fwsm/ace/Gig-e modules. I am just trying to decide the best way to segregate the internal lan and middle tier dmz's. -Original Message- From: Tony Varriale [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 4:27 PM To: Teller, Robert; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 6509 ACE/FWSM Modules?? If you want something somewhat Cisco centric, the Networkers slides on the ACE blades are ok. They cover some nice basics about load balancing and about the ACE blades. For FWSM, the Cisco docs are decent. The code is almost the same as on the pix/asa. So the Cisco Press firewall book would do well. tv - Original Message - From: Teller, Robert [EMAIL PROTECTED] To: Tony Varriale [EMAIL PROTECTED]; cisco-nsp@puck.nether.net Sent: Tuesday, July 29, 2008 6:19 PM Subject: RE: [c-nsp] 6509 ACE/FWSM Modules?? Yeah I am going to have a contractor come in for a day to work on some of the best practices type stuff but was looking for a book to read on the side. -Original Message- From: Tony Varriale [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 4:11 PM To: Teller, Robert; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 6509 ACE/FWSM Modules?? Sorry, VSS and those modules are not supported yet. The ACE and FWSM blades are somewhat complex. I would recommend piggy-backing on someone that has experience. tv - Original Message - From: Teller, Robert [EMAIL PROTECTED] To: cisco-nsp@puck.nether.net Sent: Tuesday, July 29, 2008 5:49 PM Subject: [c-nsp] 6509 ACE/FWSM Modules?? I am working on implementing two 6509 chassis setup using vss and ace/fwsm modules. Anyone know of any good books for the ACE and FWSM modules? # The information contained in this e-mail and subsequent attachments may be privileged, confidential and protected from disclosure. This transmission is intended for the sole use of the individual and entity to whom it is addressed. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this message in error, please e-mail the sender at the above e-mail address. # ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6509 ACE/FWSM Modules??????????
i found some of the docs on cisco.com to be pretty useful.. ACE http://www.cisco.com/en/US/products/ps6906/tsd_products_support_model_home.html FWSM http://www.cisco.com/en/US/products/hw/modules/ps2706/ps4452/tsd_products_support_model_home.html the virtualization design guide should be able to give you some ideas to start from as Tony mentioned, the fwsm is similar to asa/pix code, the cpress book is decent, i found it very basic unfortunately the full FWSM book doesnt come out until i think september.. On Tue, Jul 29, 2008 at 6:49 PM, Teller, Robert [EMAIL PROTECTED]wrote: I am working on implementing two 6509 chassis setup using vss and ace/fwsm modules. Anyone know of any good books for the ACE and FWSM modules? # The information contained in this e-mail and subsequent attachments may be privileged, confidential and protected from disclosure. This transmission is intended for the sole use of the individual and entity to whom it is addressed. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this message in error, please e-mail the sender at the above e-mail address. # ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6509 ACE/FWSM Modules??????????
Last time I checked the 3750 did not support the pagp extensions for vss. You would get an stp loop if you tried. Has this support changed? -Original Message- From: Teller, Robert [EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 7:42 PM To: Tony Varriale [EMAIL PROTECTED]; cisco-nsp@puck.nether.net cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 6509 ACE/FWSM Modules?? My plan is to collapse my core switch(3750), pix, and css devices into two 6509's with the fwsm/ace/Gig-e modules. I am just trying to decide the best way to segregate the internal lan and middle tier dmz's. -Original Message- From: Tony Varriale [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 4:27 PM To: Teller, Robert; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 6509 ACE/FWSM Modules?? If you want something somewhat Cisco centric, the Networkers slides on the ACE blades are ok. They cover some nice basics about load balancing and about the ACE blades. For FWSM, the Cisco docs are decent. The code is almost the same as on the pix/asa. So the Cisco Press firewall book would do well. tv - Original Message - From: Teller, Robert [EMAIL PROTECTED] To: Tony Varriale [EMAIL PROTECTED]; cisco-nsp@puck.nether.net Sent: Tuesday, July 29, 2008 6:19 PM Subject: RE: [c-nsp] 6509 ACE/FWSM Modules?? Yeah I am going to have a contractor come in for a day to work on some of the best practices type stuff but was looking for a book to read on the side. -Original Message- From: Tony Varriale [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 4:11 PM To: Teller, Robert; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 6509 ACE/FWSM Modules?? Sorry, VSS and those modules are not supported yet. The ACE and FWSM blades are somewhat complex. I would recommend piggy-backing on someone that has experience. tv - Original Message - From: Teller, Robert [EMAIL PROTECTED] To: cisco-nsp@puck.nether.net Sent: Tuesday, July 29, 2008 5:49 PM Subject: [c-nsp] 6509 ACE/FWSM Modules?? I am working on implementing two 6509 chassis setup using vss and ace/fwsm modules. Anyone know of any good books for the ACE and FWSM modules? # The information contained in this e-mail and subsequent attachments may be privileged, confidential and protected from disclosure. This transmission is intended for the sole use of the individual and entity to whom it is addressed. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this message in error, please e-mail the sender at the above e-mail address. # ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ Note: This message and any attachments is intended solely for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, legally privileged, confidential, and/or exempt from disclosure. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the original sender immediately by telephone or return email and destroy or delete this message along with any attachments immediately. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6509 ACE/FWSM Modules??????????
I will be replacing the 3750 with the 6509's -Original Message- From: Mike Louis [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 6:19 PM To: Teller, Robert; Tony Varriale; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] 6509 ACE/FWSM Modules?? Last time I checked the 3750 did not support the pagp extensions for vss. You would get an stp loop if you tried. Has this support changed? -Original Message- From: Teller, Robert [EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 7:42 PM To: Tony Varriale [EMAIL PROTECTED]; cisco-nsp@puck.nether.net cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 6509 ACE/FWSM Modules?? My plan is to collapse my core switch(3750), pix, and css devices into two 6509's with the fwsm/ace/Gig-e modules. I am just trying to decide the best way to segregate the internal lan and middle tier dmz's. -Original Message- From: Tony Varriale [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 4:27 PM To: Teller, Robert; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 6509 ACE/FWSM Modules?? If you want something somewhat Cisco centric, the Networkers slides on the ACE blades are ok. They cover some nice basics about load balancing and about the ACE blades. For FWSM, the Cisco docs are decent. The code is almost the same as on the pix/asa. So the Cisco Press firewall book would do well. tv - Original Message - From: Teller, Robert [EMAIL PROTECTED] To: Tony Varriale [EMAIL PROTECTED]; cisco-nsp@puck.nether.net Sent: Tuesday, July 29, 2008 6:19 PM Subject: RE: [c-nsp] 6509 ACE/FWSM Modules?? Yeah I am going to have a contractor come in for a day to work on some of the best practices type stuff but was looking for a book to read on the side. -Original Message- From: Tony Varriale [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 4:11 PM To: Teller, Robert; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 6509 ACE/FWSM Modules?? Sorry, VSS and those modules are not supported yet. The ACE and FWSM blades are somewhat complex. I would recommend piggy-backing on someone that has experience. tv - Original Message - From: Teller, Robert [EMAIL PROTECTED] To: cisco-nsp@puck.nether.net Sent: Tuesday, July 29, 2008 5:49 PM Subject: [c-nsp] 6509 ACE/FWSM Modules?? I am working on implementing two 6509 chassis setup using vss and ace/fwsm modules. Anyone know of any good books for the ACE and FWSM modules? # The information contained in this e-mail and subsequent attachments may be privileged, confidential and protected from disclosure. This transmission is intended for the sole use of the individual and entity to whom it is addressed. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this message in error, please e-mail the sender at the above e-mail address. # ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ Note: This message and any attachments is intended solely for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, legally privileged, confidential, and/or exempt from disclosure. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the original sender immediately by telephone or return email and destroy or delete this message along with any attachments immediately. ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
Re: [c-nsp] 6509 ACE/FWSM Modules??????????
When you have the vss core what will you attach to it from the dist\access layers? How will they attach to the vss core? -Original Message- From: Teller, Robert [EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 10:06 PM To: Mike Louis [EMAIL PROTECTED]; Tony Varriale [EMAIL PROTECTED]; cisco-nsp@puck.nether.net cisco-nsp@puck.nether.net Subject: RE: [c-nsp] 6509 ACE/FWSM Modules?? I will be replacing the 3750 with the 6509's -Original Message- From: Mike Louis [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 6:19 PM To: Teller, Robert; Tony Varriale; cisco-nsp@puck.nether.net Subject: RE: [c-nsp] 6509 ACE/FWSM Modules?? Last time I checked the 3750 did not support the pagp extensions for vss. You would get an stp loop if you tried. Has this support changed? -Original Message- From: Teller, Robert [EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 7:42 PM To: Tony Varriale [EMAIL PROTECTED]; cisco-nsp@puck.nether.net cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 6509 ACE/FWSM Modules?? My plan is to collapse my core switch(3750), pix, and css devices into two 6509's with the fwsm/ace/Gig-e modules. I am just trying to decide the best way to segregate the internal lan and middle tier dmz's. -Original Message- From: Tony Varriale [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 4:27 PM To: Teller, Robert; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 6509 ACE/FWSM Modules?? If you want something somewhat Cisco centric, the Networkers slides on the ACE blades are ok. They cover some nice basics about load balancing and about the ACE blades. For FWSM, the Cisco docs are decent. The code is almost the same as on the pix/asa. So the Cisco Press firewall book would do well. tv - Original Message - From: Teller, Robert [EMAIL PROTECTED] To: Tony Varriale [EMAIL PROTECTED]; cisco-nsp@puck.nether.net Sent: Tuesday, July 29, 2008 6:19 PM Subject: RE: [c-nsp] 6509 ACE/FWSM Modules?? Yeah I am going to have a contractor come in for a day to work on some of the best practices type stuff but was looking for a book to read on the side. -Original Message- From: Tony Varriale [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 29, 2008 4:11 PM To: Teller, Robert; cisco-nsp@puck.nether.net Subject: Re: [c-nsp] 6509 ACE/FWSM Modules?? Sorry, VSS and those modules are not supported yet. The ACE and FWSM blades are somewhat complex. I would recommend piggy-backing on someone that has experience. tv - Original Message - From: Teller, Robert [EMAIL PROTECTED] To: cisco-nsp@puck.nether.net Sent: Tuesday, July 29, 2008 5:49 PM Subject: [c-nsp] 6509 ACE/FWSM Modules?? I am working on implementing two 6509 chassis setup using vss and ace/fwsm modules. Anyone know of any good books for the ACE and FWSM modules? # The information contained in this e-mail and subsequent attachments may be privileged, confidential and protected from disclosure. This transmission is intended for the sole use of the individual and entity to whom it is addressed. If you are not the intended recipient, any dissemination, distribution or copying is strictly prohibited. If you think that you have received this message in error, please e-mail the sender at the above e-mail address. # ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ Note: This message and any attachments is intended solely for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, legally privileged, confidential, and/or exempt from disclosure. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the original sender immediately by telephone or return email and destroy or delete this message along with any attachments immediately. Note: This message and any attachments is intended solely for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, legally privileged, confidential, and/or exempt from disclosure. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the original
Re: [c-nsp] 6509 ACE/FWSM Modules??????????
Teller, Robert wrote: I am working on implementing two 6509 chassis setup using vss and ace/fwsm modules. Anyone know of any good books for the ACE and FWSM modules? I found the Cisco ASA, PIX, and FWSM Firewall Handbook to be a fair book. Granted it's not perfect but you want to get your feet wet on the FWSM then that's a good start. I found it very useful when we got our first FWSMs. http://tinyurl.com/5qwe58 As far as the ACEs go I'm not aware of any books on them. I have 2 and still haven't got them in production. Best of luck, Justin ___ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
