05-25-2006 11:09 PM - edited 02-21-2020 02:26 PM
Hi,
i have a pix 515e v7.12.
When i use it in transparent mode,can i configure it to perform site to site vpn ?
Thank you,
Mauro
Solved! Go to Solution.
05-28-2006 09:12 AM
the cisco pix or the asa with the 7.0 code will not support vpn in trnaparent mode. it can only support vpn for management purpose only and nothing else. u cannot even terminate vpn on a router behind the asa in transparent mode also. but netscreen does. hope this helps.
see ya
regards
sebastan
05-26-2006 08:03 AM
Hello Mauro,
I did a quick search on the site and I think that this may help to answer your question and hopefully show you some configuration options.
Cheers,
Chris
05-28-2006 09:12 AM
the cisco pix or the asa with the 7.0 code will not support vpn in trnaparent mode. it can only support vpn for management purpose only and nothing else. u cannot even terminate vpn on a router behind the asa in transparent mode also. but netscreen does. hope this helps.
see ya
regards
sebastan
05-28-2006 06:29 PM
Hi .. please see below
" Unsupported Features in Transparent Mode
The following features are not supported in transparent mode:
NAT
NAT is performed on the upstream router.
Dynamic routing protocols
You can, however, add static routes for traffic originating on the security appliance. You can also
allow dynamic routing protocols through the security appliance using an extended access list.
IPv6
DHCP relay
The transparent firewall can act as a DHCP server, but it does not support the DHCP relay
commands. DHCP relay is not required because you can allow DHCP traffic to pass through using
an extended access list.
Quality of Service
Multicast
You can, however, allow multicast traffic through the security appliance by allowing it in an
extended access list.
VPN termination for through traffic
The transparent firewall supports site-to-site VPN tunnels for management connections only. It does
not terminate VPN connections for traffic through the security appliance. You can pass VPN traffic
through the security appliance using an extended access list, but it does not terminate
non-management connections."
I hope it helps .. please rate it if it does !!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide