| A1:
| Answer: Some of the major features of the FWSM include the following: it is fully VLAN aware, supports dynamic routing, integrates firewall functionality and switching in a single chassis, supports the entire PIX Firewall Version 6.0 feature set and some Version 6.2 features, allows up to 1 million concurrent connections, supports 5-Gbps throughout, enables multiple FWSMs per chassis, supports intrachassis and interchassis stateful failure, and provides multiple management options. |
| A2:
| Answer: The basic deployment scenarios for the FWSM are MSFC as the inside router, MSFC as the outside router, and MSFC not directly connected to FWSM. |
| A3:
| Answer: The three switch configuration steps to set up the FWSM are to create VLANs, define firewall vlan-groups, and associate the vlan-groups with specific switch modules. |
| A4:
| Answer: The firewall vlan-group command defines the VLANs to be controlled by the FWSM. |
| A5:
| Answer: The show module switch command displays the status of the FWSM. |
| A6:
| Answer: The hw-module module module-num reset switch command resets the FWSM from the switch CLI. |
| A7:
| Answer: An orange status LED on the FWSM indicates that the FWSM is in one of the following states: module is running boot and self-test diagnostics, module is disabled, or module is shut down. |
| A8:
| Answer: A red status LED on the FWSM indicates that a diagnostic test (other than the individual port test) failed. |
| A9:
| Answer: The access-list and access-group commands define which traffic is allowed through the FWSM. |
| A10:
| Answer: The nameif FWSM command associates a VLAN and security level to a specific FWSM interface. |
| A11:
| Answer: The firewall module command associates a firewall vlan-group with a specific switch module. |