Transparent Firewall

Aug 20th, 2007

I have read the following definition a couple times:


Transparent mode, the FWSM acts like a "bump in the wire," or a "stealth firewall," and is not a router hop.


What I understand from the previous sentence is that the FWSM connects the same network on its inside and outside interfaces, but each interface must be on a different VLAN.


However, are both VLANs going to share the same subnet?

rochopra Mon, 08/20/2007 - 16:06

A transparent firewall will bridge between VLANs and not route, so if you are using different subnets you will need a Layer 3 routing device to route packets between subnets.


~Rohit

Jon Marshall Mon, 08/20/2007 - 22:57

Hi


In answer to your question, yes, you have 2 VLANs but only one IP subnet. This setup is also used on other devices such as load balancers.


The reason you need to do this is to avoid a spanning-tree loop. Assuming you are running PVST+, having 2 VLANs but only one subnet allows you to bridge the subnet with the FWSM.


HTH


Jon
