Cisco Support Community

New Member

Transparent Firewall

If you want to manage a transparent firewall that resides in a different VLAN/IP subnet, do you just add a route to the transparent firewall back to the managing host?

4 REPLIES
Bronze

Re: Transparent Firewall

A typical Cisco IOS Firewall is a Layer 3 device with trusted and untrusted interfaces on different IP subnets. A Layer 3 firewall works well with Cisco IOS devices that function as routers with preexisting subnet separations. However, when a Layer 3 firewall is placed in an existing network, the network IP addresses must be reconfigured to accommodate the firewall.

A transparent Cisco IOS firewall acts as a Layer 2 transparent bridge with context-based access control (CBAC) and ACLs configured on the bridged interface. Because the Layer 2 firewall intercepts packets at Layer 2 and is "transparent" to the existing network, Layer 3 firewall limitations are not applicable.

Re: Transparent Firewall

Transparent firewall mode on the security appliance allows only two interfaces to pass through traffic. However, you can set up a dedicated management interface, which can be either a physical interface or a subinterface, as a third interface. This interface must be set up for the management-only command. Place this interface into your management VLAN.

Hope that helps.

New Member

Re: Transparent Firewall

Hello. PTI

Will this scenario support TACACS+ commands? Want to enable report generation in TACACS+ Administration.

Re: Transparent Firewall

Yes, it should.
