Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA with Transparent Mode Stateful inspection

I'm wondering if it is possible for the ASA to do stateful inspection in transparent mode?

As far as I know at the moment it only works as a packet filter?

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions

Re: ASA with Transparent Mode Stateful inspection

Yes you can perform application inspection in Transparent mode.

Hope that helps.

7 REPLIES

Re: ASA with Transparent Mode Stateful inspection

Yes you can perform application inspection in Transparent mode.

Hope that helps.

New Member

Re: ASA with Transparent Mode Stateful inspection

Thanks for the answer.

I want to use the transparent Firewall stateful:

( Answers to outgoing session are allowed incomming because the initiation was from inside)

Application Inspection as far as I know works on a higher OSI Level.

Re: ASA with Transparent Mode Stateful inspection

Even though the ASA doesn't route the traffic, it can still read and inspect traffic at all 7 layers.

New Member

Re: ASA with Transparent Mode Stateful inspection

We want to allow all incomming sessions at the outside interface when they are initiated from the inside.

(Stateful Firewall)

Is this possible in transparent mode?

Application inspection isn't needed.

Re: ASA with Transparent Mode Stateful inspection

It should. The stateful firewall and the inspection engine work hand in hand. Even if you don't use the inspection, the firewall should keep track of all connections.

New Member

Re: ASA with Transparent Mode Stateful inspection

Thank you! Sounds very good!

We experienced problems with the stateful function in transparent mode.

We got no reply if we have no incomming rule at the outside interface to allow the connnection, which was initiated at the inside interface.

Can you please provide a sample configuration which works stateful in transparent mode?

Thanks!!!

New Member

Re: ASA with Transparent Mode Stateful inspection

Now we have verified it. The ASA works stateful in Transparent Mode. We tested the stateful function the wrong way all the time.

Thanks for your help!

279
Views
0
Helpful
7
Replies