https://community.cisco.com/t5/network-security/cisco-asa/m-p/1643496#M559363 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>In case you want to use the ASA as a L2 device then configure it as transparent mode. If you want to use it as a L3 device, configure it in the routed mode.</P><P></P><P>The following thread explains the difference between them.</P><P><A class="jive-link-message-small" href="https://community.cisco.com/message/3057421#3057421">https://supportforums.cisco.com/message/3057421</A></P><P></P><P>Hope this helps.</P><P></P><P>Regards,</P><P>Anisha</P><P></P><P>- Do rate helpful posts.</P></BODY></HTML> Tue, 22 Mar 2011 13:28:02 GMT andamani 2011-03-22T13:28:02Z https://community.cisco.com/t5/network-security/cisco-asa/m-p/1643493#M559358 <P>I planning to integrate cisco asa5505 device in runing enviornment for filter ip traffic.</P><P></P><P></P><P>Internet ----router----ciscoasa----lan</P><P></P><P>Ip series is public(25.263.25.0/24) througout of network (no privateIP)</P><P></P><P>now how do I set asa in such case and filter traffic from comming into lan and going out to internet.</P><P></P><P>pls input on case wise only .</P> Mon, 11 Mar 2019 20:10:29 GMT https://community.cisco.com/t5/network-security/cisco-asa/m-p/1643493#M559358 blue4ciscome 2019-03-11T20:10:29Z https://community.cisco.com/t5/network-security/cisco-asa/m-p/1643494#M559360 <HTML><HEAD></HEAD><BODY><P>What sort of traffic would you like to allow outbound to the Internet from your LAN?</P><P></P><P>Here is an example:</P><P><SPAN style="text-decoration: underline;"><STRONG>Allowing HTTP and HTTPS outbound</STRONG></SPAN>:</P><P></P><P>access-list inside-acl permit tcp <YOUR-LAN-PUBLIC-SUBNET> 255.255.255.0 any eq 80</YOUR-LAN-PUBLIC-SUBNET></P><P>access-list inside-acl permit tcp <YOUR-LAN-PUBLIC-SUBNET> 255.255.255.0 any eq 443</YOUR-LAN-PUBLIC-SUBNET></P><P></P><P>access-group inside-acl in interface inside</P><P></P><P>You can just add on to the above access-list for other traffic that you would like to allow going outbound from your public LAN subnet.</P><P></P><P>Hope this helps.</P></BODY></HTML> Tue, 22 Mar 2011 11:34:45 GMT https://community.cisco.com/t5/network-security/cisco-asa/m-p/1643494#M559360 Jennifer Halim 2011-03-22T11:34:45Z https://community.cisco.com/t5/network-security/cisco-asa/m-p/1643495#M559362 <HTML><HEAD></HEAD><BODY><P>jen,</P><P></P><P>I didn;t configure firewall yet and no idea how do I configure it either in transparent mode or routed mode?</P><P></P><P>I need some input on firewall config in such condition where all ips are same subnet.</P></BODY></HTML> Tue, 22 Mar 2011 13:08:47 GMT https://community.cisco.com/t5/network-security/cisco-asa/m-p/1643495#M559362 blue4ciscome 2011-03-22T13:08:47Z https://community.cisco.com/t5/network-security/cisco-asa/m-p/1643496#M559363 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>In case you want to use the ASA as a L2 device then configure it as transparent mode. If you want to use it as a L3 device, configure it in the routed mode.</P><P></P><P>The following thread explains the difference between them.</P><P><A class="jive-link-message-small" href="https://community.cisco.com/message/3057421#3057421">https://supportforums.cisco.com/message/3057421</A></P><P></P><P>Hope this helps.</P><P></P><P>Regards,</P><P>Anisha</P><P></P><P>- Do rate helpful posts.</P></BODY></HTML> Tue, 22 Mar 2011 13:28:02 GMT https://community.cisco.com/t5/network-security/cisco-asa/m-p/1643496#M559363 andamani 2011-03-22T13:28:02Z https://community.cisco.com/t5/network-security/cisco-asa/m-p/1643497#M559365 <HTML><HEAD></HEAD><BODY><P>Hi anisha,</P><P></P><P>Do transparent mode will filter L3 Traffic(ACL),</P><P></P><P>I mean how do I configure asa in my case ?</P></BODY></HTML> Thu, 24 Mar 2011 07:50:14 GMT https://community.cisco.com/t5/network-security/cisco-asa/m-p/1643497#M559365 blue4ciscome 2011-03-24T07:50:14Z https://community.cisco.com/t5/network-security/cisco-asa/m-p/1643498#M559368 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>The firewall in transparent mode will not filter L3 traffic, as it behaves like a bridge. It does not understand the Ip address in transparent mode.</P><P></P><P>You can create MAC Based ACL. the link for the same is below:</P><P><A class="jive-link-external-small" href="http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008089f467.shtml">http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008089f467.shtml</A></P><P></P><P>If you want to filter L3 traffic, then configure the ASA in routed mode.</P><P></P><P>Hope this helps.</P><P></P><P>Regards,</P><P>Anisha</P><P></P><P>P.S.: please mark this post as answered if you feel your query is answered. Do rate helpful posts.</P></BODY></HTML> Thu, 24 Mar 2011 12:48:15 GMT https://community.cisco.com/t5/network-security/cisco-asa/m-p/1643498#M559368 andamani 2011-03-24T12:48:15Z