cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2597
Views
10
Helpful
8
Replies

PIX 515E Configure In Transparent Mode

dipak-parmar
Level 1
Level 1

Sir,

I have Pix515E-R with 16 MB

With IOS 6.3

I want to configute Transparent mode

in my pix , Suggest me what should

I Do.

Thanking You

Dipak Parmar

8 Replies 8

anandramapathy
Level 3
Level 3

Before that go through this url

It is important to know what transparent mode can support & what not

http://www.cisco.com/en/US/docs/security/asa/asa71/configuration/guide/fwmode.html#wp1201980

The command is

firewall transparent

*** Procedure to configure transparent mode ***

Take a look at the link below for the config

http://www.cisco.com/en/US/docs/security/asa/asa71/configuration/guide/examples.html#wp1010043

Thanks for Your support

my IOS can not support

firewall transparent command

Should I have to upgrade My IOS ?

what version are you running ?

sir ,

its 6.3

I guess yes

Transparent Firewall Mode

PIX firewalls have always operated on IP packets, where all of the stateful traffic inspection is performed at Layer 3. This is usually called routed mode, where the firewall acts more or less as a router and has IP addresses applied to its own interfaces.

With PIX 7.0, a security appliance can be configured to operate in routed or transparent firewall mode. Transparent mode makes the firewall act more like a Layer 2 bridge, where packets are handled by MAC addresses. Although this prevents the firewall from using IP addresses on its interfaces (except for a single management address), the firewall still inspects traffic using IP addresses and all of the inspection rules youre used to seeing.

Transparent mode has several benefits: without interface IP addresses, the firewall has no detectable presence on the network and malicious users wont be able to find the firewall at all. In addition, the firewall can inspect other non-IP traffic based solely on the EtherType field in the packet headers.

HTH _ please rate all useful Posts

thanks for this wonderful support,

If I want to upgrade IOS 6.3 to 7.6

is there any hardware configuration changes ?

I have pux515E-R With 16mb RAM

Thanks

Dear anandramapathy,

how I use third Port in Transparant Mode

Or I can use only two ports in transparent mode

Thanking you

Dipak Parmar

Third interface is not supported. Check the url below

Transparent mode?In transparent mode the PIX does not have IP addresses

assigned to its interfaces. Instead it acts as a Layer 2 bridge that

maintains a MAC address table and makes forwarding decisions based on that.

The use of full extended IP access lists is still available and the

firewall can inspect IP activity at any layer. In this mode of operation

the PIX is often referred to as a "bump in the wire" or "stealth firewall".

There are other significant differences as to how transparent mode operates

in comparison to routed mode:

Only two interfaces are supported?inside and outside

NAT is not supported or required since the PIX is no longer a hop.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_qanda_item09186a00805b87d8.shtml

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: