ASA in transparent mode and IP addresses


I need to put an ASA in transparent mode.

Our router (managed by the carrier) routes more than one public IP class in a single VLAN.

In the "Cisco Security Appliance Command Line Configuration Guide", under "Transparent Firewall Guidelines", it's written: "Each directly connected network must be on the same network".

Does this also mean that I can have ONLY ONE subnet that flows from the outside and the inside, or can I have more than one class?

If I can have only one class, is the only solution to use multiple contexts (and separate each class on different interfaces)?

Thanks a lot

fashour Tue, 02/19/2008 - 10:24

The ASA in transparent mode works at layer 2. So it really does not care if the traffic that flows through it is from different subnets, as long as the L3 devices it connects to know how to reach these subnets. The ASA in transparent mode is basically a bump in the wire (a bridge), and for that reason you can only use 2 interfaces on the ASA in a transparent implementation.

P.S. When people see attitude in your threads, they will refrain from answering your question. That's for future reference.
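
The setup discussed in this thread, as an added configuration sketch that is not part of the original posts: a transparent-mode ASA bridging two public subnets between the carrier router and the inside segment. It assumes the software of the thread's era, where the management address is a single global `ip address` command; the hostname, interface numbers, ACL name and addresses (documentation ranges) are constructed for illustration.

```cisco
! Constructed example: names and addresses are assumptions, not from the thread.
firewall transparent
hostname asa-bridge
!
! Two bridged interfaces; neither carries an IP address of its own.
interface Ethernet0/0
 nameif outside
 security-level 0
 no shutdown
!
interface Ethernet0/1
 nameif inside
 security-level 100
 no shutdown
!
! Management address of the firewall itself. It sits in one of the
! subnets on the bridged segment and is used for management, not for
! forwarding decisions.
ip address 192.0.2.10 255.255.255.0
route outside 0.0.0.0 0.0.0.0 192.0.2.1
!
! Traffic for every subnet behind the bridge is still filtered:
! each public range needs its own explicit permits from outside.
access-list OUTSIDE_IN extended permit tcp any 192.0.2.0 255.255.255.0 eq https
access-list OUTSIDE_IN extended permit tcp any 198.51.100.0 255.255.255.0 eq https
access-list OUTSIDE_IN extended deny ip any any log
access-group OUTSIDE_IN in interface outside
```

Hosts in both subnets keep the carrier router as their default gateway; the firewall only bridges and filters the frames passing between the two interfaces.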
