Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
831
Views
0
Helpful
2
Replies

Transparent Firewall

lm20ele
Level 1
Level 1

‎08-20-2007 03:48 PM - edited ‎03-11-2019 04:00 AM

I have read the following definition a couple times:

Transparent mode, the FWSM acts like a "bump in the wire," or a "stealth firewall," and is not a router hop.

What I understand with the previous sentence is that: The FWSM connects the same network on its inside and outside interfaces, but each interface must be on a different VLAN.

However, are both vlans going to share same subnet???

Labels:
0 Helpful
2 Replies 2

rochopra
Cisco Employee
Cisco Employee

‎08-20-2007 04:06 PM

Transparent firewall will bridge between vlan and not route, so if you are using different subnets you will need layer 3 routing device to route packets between subnets.

~Rohit

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame

‎08-20-2007 10:57 PM

Hi

In answer to your question yes you have 2 vlans but only one IP subnet. This setup is also used on other devices such as load balancers.

The reason you need to do this is to avoid a spanning-tree loop. Assuming you are running PVST+ then having 2 vlans but only one subnet allows you to bridge the subnet with the FWSM.

HTH

Jon

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card