Transparent Firewall

Unanswered Question
Aug 25th, 2009
User Badges:

If you want to manage a transparent firewall that resides in a different VLAN/IP subnet do you just add a route to the transparent firewall back to the managing host?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jbayuka Tue, 09/01/2009 - 14:11
User Badges:
  • Bronze, 100 points or more

A typical Cisco IOS Firewall is a Layer 3 device with trusted and untrusted interfaces on different IP subnets. A Layer 3 firewall works well with Cisco IOS devices that function as routers with preexisting subnet separations. However, when a Layer 3 firewall is placed in an existing network, the network IP addresses must be reconfigured to accommodate the firewall.

A transparent Cisco IOS firewall acts as a Layer 2 transparent bridge with context-based access control (CBAC) and ACLs configured on the bridged interface. Because the Layer 2 firewall intercepts packets at Layer 2 and is "transparent" to the existing network, Layer 3 firewall limitations are not applicable.

Collin Clark Wed, 09/02/2009 - 05:33
User Badges:
  • Purple, 4500 points or more

Transparent firewall mode on the security appliance allows only two interfaces to pass through traffic. However, you can set up a dedicated management interface, which can be either a physical interface or a subinterface, as a third interface. This interface must be set up for the management-only command. Place this interface into your management VLAN.

Hope that helps.

jthomp7626 Fri, 09/04/2009 - 13:02
User Badges:

Hello. PTI

Will this scenario support TACACS+ commands? Want to enable report generation in TAACS+ Administration.


This Discussion