Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Transparent firewall on an 871

I have a frame connection to a class C network and want to segregate the traffic into four categories to be plugged into fa0 through fa3. I assigned an IP to fa4 and put vlan1 in switchport access mode with no ip but that does not allow firewalling unless I assign an ip to one more interface.

Is it possible to set an 871 between the edge router and the network without changing any net configs in the class C and still be able to firewall between the edge and the three interfaces?

3 REPLIES
Silver

Re: Transparent firewall on an 871

Yes, you can configure an 871 as a transparent firewall. You will need to:

"Configure a Bridge Group (required)

"Configure Inspection and ACLs (required)

"Forward DHCP Traffic (optional)

"Monitor Transparent Firewall Events (optional)

Following link may help you

http://www.cisco.com/en/US/docs/ios/12_4/secure/configuration/guide/h_trans.html

New Member

Re: Transparent firewall on an 871

adding the ip to the bridge group and specifying the route was what I was missing, thank you for pointing me to the doc, it was exactly what I needed.

New Member

Re: Transparent firewall on an 871

But one more question.

If you wanted to utilize the sdm to configure firewall rules, you are required to add a second ip address. the two addresses are not allowed to overlap yet both must be on the same subnet to pick up the traffic?

101
Views
4
Helpful
3
Replies