https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803132#M1003213 <HTML><HEAD></HEAD><BODY><P>I guess yes</P><P></P><P>Transparent Firewall Mode</P><P></P><P>PIX firewalls have always operated on IP packets, where all of the stateful traffic inspection is performed at Layer 3. This is usually called routed mode, where the firewall acts more or less as a router and has IP addresses applied to its own interfaces. </P><P></P><P>With PIX 7.0, a security appliance can be configured to operate in routed or transparent firewall mode. Transparent mode makes the firewall act more like a Layer 2 bridge, where packets are handled by MAC addresses. Although this prevents the firewall from using IP addresses on its interfaces (except for a single management address), the firewall still inspects traffic using IP addresses and all of the inspection rules youre used to seeing. </P><P></P><P>Transparent mode has several benefits: without interface IP addresses, the firewall has no detectable presence on the network and malicious users wont be able to find the firewall at all. In addition, the firewall can inspect other non-IP traffic based solely on the EtherType field in the packet headers. </P><P></P><P></P><P></P><P>HTH _ please rate all useful Posts</P></BODY></HTML> Wed, 13 Jun 2007 11:40:44 GMT anandramapathy 2007-06-13T11:40:44Z https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803127#M1003208 <P>Sir,</P><P> I have Pix515E-R with 16 MB </P><P>With IOS 6.3 </P><P></P><P>I want to configute Transparent mode </P><P>in my pix , Suggest me what should </P><P>I Do.</P><P></P><P>Thanking You</P><P>Dipak Parmar</P> Mon, 11 Mar 2019 10:29:22 GMT https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803127#M1003208 dipak-parmar 2019-03-11T10:29:22Z https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803128#M1003209 <HTML><HEAD></HEAD><BODY><P>Before that go through this url </P><P>It is important to know what transparent mode can support &amp; what not</P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/docs/security/asa/asa71/configuration/guide/fwmode.html#wp1201980" target="_blank">http://www.cisco.com/en/US/docs/security/asa/asa71/configuration/guide/fwmode.html#wp1201980</A></P><P></P><P></P><P>The command is </P><P></P><P>firewall transparent</P><P></P><P>*** Procedure to configure transparent mode ***</P><P></P><P>Take a look at the link below for the config</P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/docs/security/asa/asa71/configuration/guide/examples.html#wp1010043" target="_blank">http://www.cisco.com/en/US/docs/security/asa/asa71/configuration/guide/examples.html#wp1010043</A></P></BODY></HTML> Wed, 13 Jun 2007 10:07:56 GMT https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803128#M1003209 anandramapathy 2007-06-13T10:07:56Z https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803129#M1003210 <HTML><HEAD></HEAD><BODY><P>Thanks for Your support</P><P></P><P>my IOS can not support</P><P></P><P>firewall transparent command</P><P></P><P>Should I have to upgrade My IOS ?</P><P></P><P> </P></BODY></HTML> Wed, 13 Jun 2007 11:10:36 GMT https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803129#M1003210 dipak-parmar 2007-06-13T11:10:36Z https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803130#M1003211 <HTML><HEAD></HEAD><BODY><P>what version are you running ?</P></BODY></HTML> Wed, 13 Jun 2007 11:12:58 GMT https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803130#M1003211 anandramapathy 2007-06-13T11:12:58Z https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803131#M1003212 <HTML><HEAD></HEAD><BODY><P>sir ,</P><P>its 6.3</P></BODY></HTML> Wed, 13 Jun 2007 11:20:23 GMT https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803131#M1003212 dipak-parmar 2007-06-13T11:20:23Z https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803132#M1003213 <HTML><HEAD></HEAD><BODY><P>I guess yes</P><P></P><P>Transparent Firewall Mode</P><P></P><P>PIX firewalls have always operated on IP packets, where all of the stateful traffic inspection is performed at Layer 3. This is usually called routed mode, where the firewall acts more or less as a router and has IP addresses applied to its own interfaces. </P><P></P><P>With PIX 7.0, a security appliance can be configured to operate in routed or transparent firewall mode. Transparent mode makes the firewall act more like a Layer 2 bridge, where packets are handled by MAC addresses. Although this prevents the firewall from using IP addresses on its interfaces (except for a single management address), the firewall still inspects traffic using IP addresses and all of the inspection rules youre used to seeing. </P><P></P><P>Transparent mode has several benefits: without interface IP addresses, the firewall has no detectable presence on the network and malicious users wont be able to find the firewall at all. In addition, the firewall can inspect other non-IP traffic based solely on the EtherType field in the packet headers. </P><P></P><P></P><P></P><P>HTH _ please rate all useful Posts</P></BODY></HTML> Wed, 13 Jun 2007 11:40:44 GMT https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803132#M1003213 anandramapathy 2007-06-13T11:40:44Z https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803133#M1003214 <HTML><HEAD></HEAD><BODY><P>thanks for this wonderful support,</P><P></P><P>If I want to upgrade IOS 6.3 to 7.6</P><P></P><P>is there any hardware configuration changes ?</P><P></P><P>I have pux515E-R With 16mb RAM</P><P></P><P>Thanks</P></BODY></HTML> Wed, 13 Jun 2007 12:06:04 GMT https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803133#M1003214 dipak-parmar 2007-06-13T12:06:04Z https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803134#M1003215 <HTML><HEAD></HEAD><BODY><P>Dear anandramapathy,</P><P> </P><P> how I use third Port in Transparant Mode </P><P>Or I can use only two ports in transparent mode </P><P></P><P>Thanking you</P><P>Dipak Parmar</P><P></P></BODY></HTML> Mon, 18 Jun 2007 09:57:37 GMT https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803134#M1003215 dipak-parmar 2007-06-18T09:57:37Z https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803135#M1003216 <HTML><HEAD></HEAD><BODY><P>Third interface is not supported. Check the url below</P><P></P><P>Transparent mode?In transparent mode the PIX does not have IP addresses</P><P>assigned to its interfaces. Instead it acts as a Layer 2 bridge that</P><P>maintains a MAC address table and makes forwarding decisions based on that.</P><P>The use of full extended IP access lists is still available and the</P><P>firewall can inspect IP activity at any layer. In this mode of operation</P><P>the PIX is often referred to as a "bump in the wire" or "stealth firewall".</P><P>There are other significant differences as to how transparent mode operates</P><P>in comparison to routed mode:</P><P></P><P>Only two interfaces are supported?inside and outside</P><P>NAT is not supported or required since the PIX is no longer a hop.</P><P></P><P></P><P></P><P><A class="jive-link-custom" href="http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_qanda_item09186a00805b87d8.shtml" target="_blank">http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_qanda_item09186a00805b87d8.shtml</A></P><P></P><P></P></BODY></HTML> Mon, 18 Jun 2007 10:32:52 GMT https://community.cisco.com/t5/network-security/pix-515e-configure-in-transparent-mode/m-p/803135#M1003216 anandramapathy 2007-06-18T10:32:52Z