10-07-2009 06:27 AM - edited 03-11-2019 09:23 AM
I'm wondering if it is possible for the ASA to do stateful inspection in transparent mode?
As far as I know at the moment it only works as a packet filter?
Thanks
Solved! Go to Solution.
10-07-2009 06:41 AM
Yes you can perform application inspection in Transparent mode.
Hope that helps.
10-07-2009 06:41 AM
Yes you can perform application inspection in Transparent mode.
Hope that helps.
10-08-2009 03:40 AM
Thanks for the answer.
I want to use the transparent Firewall stateful:
( Answers to outgoing session are allowed incomming because the initiation was from inside)
Application Inspection as far as I know works on a higher OSI Level.
10-08-2009 05:17 AM
Even though the ASA doesn't route the traffic, it can still read and inspect traffic at all 7 layers.
10-08-2009 07:59 AM
We want to allow all incomming sessions at the outside interface when they are initiated from the inside.
(Stateful Firewall)
Is this possible in transparent mode?
Application inspection isn't needed.
10-08-2009 12:38 PM
It should. The stateful firewall and the inspection engine work hand in hand. Even if you don't use the inspection, the firewall should keep track of all connections.
10-09-2009 02:11 AM
Thank you! Sounds very good!
We experienced problems with the stateful function in transparent mode.
We got no reply if we have no incomming rule at the outside interface to allow the connnection, which was initiated at the inside interface.
Can you please provide a sample configuration which works stateful in transparent mode?
Thanks!!!
10-13-2009 07:39 AM
Now we have verified it. The ASA works stateful in Transparent Mode. We tested the stateful function the wrong way all the time.
Thanks for your help!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: