Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4085
Views
0
Helpful
3
Replies

Basic ASA 5505 Transparent Mode

b.ransom
Level 1
Level 1

‎06-25-2008 01:43 PM - edited ‎03-11-2019 06:05 AM

Hi,

As a begineer in ASA, I'm trying to configure a 5505 to allow 3 hosts to access 4 servers in different routed networks. The 3 hosts are on the same vlan so I would think transparent firewall would work for this. The example below is from Config notes and I can't seem to define nameif as outside/inside on the two E0/0 or E0/1 interfaces.

The Error is: only vlan interface can be defined nameif.

Using 7.2 code and using base ASA 5505.

I must be missing something real simple ;-))). Any example of a tranparent mode config would be great!

ciscoasa#show running-config

: Saved

:

ASA Version 8.0(2)

!

!--- In order to set the firewall mode to transparent mode

firewall transparent

hostname ciscoasa

enable password xxx

names

!

interface Ethernet0/0

nameif outside

security-level 0

!

interface Ethernet0/1

nameif inside

security-level 100

!

interface Ethernet0/2

shutdown

no nameif

no security-level

!

interface Ethernet0/3

shutdown

no nameif

no security-level

!

interface Management0/0

shutdown

no nameif

no security-level

management-only

!

passwd xxx

ftp mode passive

pager lines 24

mtu outside 1500

mtu inside 1500

!--- IP Address for the Management.

!--- Avoid using this IP Address as a default gateway.

!--- The security appliance uses this address as the source address

!--- for traffic originating on the security appliance, such as system

!--- messages or communications with AAA servers. You can also use this

!--- address for remote management access.

ip address 192.168.1.1 255.255.255.0

no failover

icmp unreachable rate-limit 1 burst-size 1

!--- Output Suppressed

service-policy global_policy global

prompt hostname context

Cryptochecksum:xxx

: end

ciscoasa(config)#

Labels:
0 Helpful
3 Replies 3

dhananjoy chowdhury
Level 5
Level 5

‎06-26-2008 01:42 AM

Hi, try this ..

interface Vlan10

nameif inside

security-level 100

interface Vlan20

nameif outside

security-level 0

interface Ethernet0/0

switchport access vlan 20

no shut

interface Ethernet0/1

switchport access vlan 10

no shut

0 Helpful

b.ransom
Level 1
Level 1
In response to dhananjoy chowdhury

‎06-26-2008 11:05 AM

Thanks

yep- it was simple

now if my extended access list will just work

0 Helpful

mdhungana
Level 1
Level 1

‎02-28-2014 06:57 AM

Hi,

I do have extra question.

5505 does not accept nameif for the ethernet port and we have to use vlan for nameif.  There will be at least two vlan, each for one interface inside and outside. I have to provide to configure two subnets, one for each VLAN. Then, is this really transparent. With 5510 and higher it is possible to use single network for both interfaces, but not with 5505. Any suggestions?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card