Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 

ASA in Transparent Mode - FAQ

Introduction

This document answers  frequently asked questions about the Cisco Adaptive Security Appliance (ASA) in Transparent Mode.

Refer to Cisco Technical Tips Conventions for more information on document  conventions.

Q. In an ASA configured as a Transparent Firewall and in Multiple Context  mode and a dedicated management interface is configured per context is  it necessary to configure a management IP on the same subnet of the  Inside/Outside interfaces in order to allow the traffic to pass through?

A: Yes. It is recommended to have management IP for a transparent firewall  (or a  context) in the same subnet that it lies in. This is used for  traffic  sourced from the firewall like syslogs, AAA, etc. So,management  IP is a must for the transparent firewall even if we have a dedicated  management interface. Refer the Information about Transparent Firewall for more details.

Q: Is it possible to share the  management interface between contexts  or we will have to use separate interfaces for each context?

A: No.For multiple context mode, each context must use different interfaces and you cannot share an interface across contexts. Refer the  Transparent Firewall Guidelines for more information.

Q: Can a Management Interface be allocated to a context in an ASA configured as a Transparent firewall?

A: Yes.The transparent security appliance uses an inside   interface and an outside interface only. If your platform includes a   dedicated management interface, you can also configure the management   interface or subinterface for management traffic only. Refer the Transparent Firewall Guidelines for more information.

Introduction

Source: https://supportforums.cisco.com/thread/2037273?tstart=0

1470
Views
0
Helpful
0
Comments