VPN in transparent mode

pelitti
Level 1

Hi,

I have a PIX 515E v7.12.

When I use it in transparent mode, can I configure it to perform site-to-site VPN?

Thank you,

Mauro

Accepted Solutions

The Cisco PIX or the ASA with the 7.0 code will not support VPN in transparent mode. It can only support VPN for management purposes and nothing else. You cannot even terminate VPN on a router behind the ASA in transparent mode either. But NetScreen does. Hope this helps.

see ya

regards

sebastan

3 Replies

chrisbicm
Level 1

Hello Mauro,

I did a quick search on the site and I think that this may help to answer your question and hopefully show you some configuration options.

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_book09186a0080107ed1.html

Cheers,

Chris

Fernando_Meza
Level 7

Hi .. please see below

"Unsupported Features in Transparent Mode

The following features are not supported in transparent mode:

• NAT

NAT is performed on the upstream router.

• Dynamic routing protocols

You can, however, add static routes for traffic originating on the security appliance. You can also allow dynamic routing protocols through the security appliance using an extended access list.

• IPv6

• DHCP relay

The transparent firewall can act as a DHCP server, but it does not support the DHCP relay commands. DHCP relay is not required because you can allow DHCP traffic to pass through using an extended access list.

• Quality of Service

• Multicast

You can, however, allow multicast traffic through the security appliance by allowing it in an extended access list.

• VPN termination for through traffic

The transparent firewall supports site-to-site VPN tunnels for management connections only. It does not terminate VPN connections for traffic through the security appliance. You can pass VPN traffic through the security appliance using an extended access list, but it does not terminate non-management connections."

I hope it helps .. please rate it if it does !!!
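
The pass-through case from the documentation excerpt above (an IPsec tunnel terminated on devices either side of the transparent firewall, not on the firewall itself), as an added configuration example that is not part of the original thread or of Cisco's documentation. The ACL name, the interface name `outside`, and all addresses (documentation ranges) are constructed for illustration.

```cisco
! Added example, not from the thread. All names and addresses are constructed.
! 198.51.100.1 = remote VPN peer (assumed)
! 192.0.2.1    = local VPN gateway sitting behind the transparent firewall (assumed)

firewall transparent

! Management IP of the transparent firewall (same subnet as the bridged segment)
ip address 192.0.2.10 255.255.255.0

! IKE negotiation from the remote peer to the local gateway
access-list OUTSIDE_IN extended permit udp host 198.51.100.1 host 192.0.2.1 eq isakmp

! ESP (IP protocol 50) carrying the encrypted tunnel traffic
access-list OUTSIDE_IN extended permit esp host 198.51.100.1 host 192.0.2.1

! NAT-T (UDP 4500), needed only if a NAT device sits between the two peers
access-list OUTSIDE_IN extended permit udp host 198.51.100.1 host 192.0.2.1 eq 4500

! Apply the list inbound on the lower-security interface.
! If an access list is also applied inbound on the inside interface,
! it needs the mirror-image entries for the reverse direction.
access-group OUTSIDE_IN in interface outside
```

Entries are pinned to the two peer addresses rather than `any`, so the firewall passes IKE and ESP only between the known tunnel endpoints.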