Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1287
Views
0
Helpful
3
Replies

Transparent Firewall

iqbalkhan
Level 1
Level 1

‎06-02-2007 10:51 PM - edited ‎03-11-2019 03:24 AM

Hi

can anyone easily describe how cisco pix work as a transparent firewall and what it is ?.

Thanks

biplob

Labels:
0 Helpful
3 Replies 3

Jon Marshall
Hall of Fame
Hall of Fame

‎06-03-2007 12:15 AM

Hi

When a pix firewall is in transparent mode it is basically "seen" as a layer 2 device rather than a layer 3 device. An explanation should help.

routerA -> Pix -> routerB

If the pix is in "normal" routed mode then the the 2 routers do not see each other as neighbours. The IP addressing for the above would look something like

routerA (192.168.1.1) -> (192.168.1.2) Pix (172.16.5.2) -> (172.16.5.1) routerB

So packets being sent from routerA to routerB would be forwarded to the pix inside interface ie 192.168.1.2. The pix would then do a route lookup for the destination IP address and then forward the packet out of it's outside interface ie 172.16.5.2 to routerB.

That's routed mode. Now when the pix is in transparent mode you still get the same layout

routerA -> Pix -> routerB

but the addressing has changed

routerA (192.168.1.1) -> Pix -> (192.168.1.2)routerB.

Note that the 2 routers are on the same subnet. If the routers were running EIGRP or OSPF they would form a neighbourship with each other, providng you allow that traffic through with an access-list. And this is an important point, even though the firewall is in tranpsarent mode you can still allow access based on the source and destination IP addresses. The only traffic allowed through the firewall in transparent mode without an access-list is arp traffic.

Hope this has answered your question

Jon

0 Helpful

iqbalkhan
Level 1
Level 1
In response to Jon Marshall

‎06-03-2007 10:27 PM

Hi

Great !. Now it is clear to me as water. It is clear how transparent picx work.

But my question is if in transparent mode pix only work layer 2 device and work only ACL.

so only this i can use pix ?. without Pix I can surf purpose to apply acl in router.

so transport mode pix useful in practical enviorement.

Thanks

Biplob

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to iqbalkhan

‎06-04-2007 02:54 AM

Hi Biplob

It's a little unclear what you mean but i'll try and answer your question. Please let me know if i have misunderstood.

Even though the pix in transparent mode is seen as a layer 2 device it can still block traffic based on layer 3/4 information ie. IP addresses and port numbers. In a practical environment there are a number of uses

1) If you needed 2 routers to be able to establish a neigbourship with each other ( see previous post)

2) A transparent firewall can be harder to detect for a hacker than a routed firewall as it is just a "bump in the wire" rather than an IP andpoint. Again see previous post for IP addressing to understand this more.

3) It is easier to insert a transparent firewall into an existing production environment as it needs to readdressing on the clients or servers as it is working at layer 2.

4) It can also be used when you need to pass non-IP protocols.

HTH

Jon

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card