06-13-2007 02:44 AM - edited 03-11-2019 03:29 AM
Sir,
I have Pix515E-R with 16 MB
With IOS 6.3
I want to configute Transparent mode
in my pix , Suggest me what should
I Do.
Thanking You
Dipak Parmar
06-13-2007 03:07 AM
Before that go through this url
It is important to know what transparent mode can support & what not
http://www.cisco.com/en/US/docs/security/asa/asa71/configuration/guide/fwmode.html#wp1201980
The command is
firewall transparent
*** Procedure to configure transparent mode ***
Take a look at the link below for the config
http://www.cisco.com/en/US/docs/security/asa/asa71/configuration/guide/examples.html#wp1010043
06-13-2007 04:10 AM
Thanks for Your support
my IOS can not support
firewall transparent command
Should I have to upgrade My IOS ?
06-13-2007 04:12 AM
what version are you running ?
06-13-2007 04:20 AM
sir ,
its 6.3
06-13-2007 04:40 AM
I guess yes
Transparent Firewall Mode
PIX firewalls have always operated on IP packets, where all of the stateful traffic inspection is performed at Layer 3. This is usually called routed mode, where the firewall acts more or less as a router and has IP addresses applied to its own interfaces.
With PIX 7.0, a security appliance can be configured to operate in routed or transparent firewall mode. Transparent mode makes the firewall act more like a Layer 2 bridge, where packets are handled by MAC addresses. Although this prevents the firewall from using IP addresses on its interfaces (except for a single management address), the firewall still inspects traffic using IP addresses and all of the inspection rules youre used to seeing.
Transparent mode has several benefits: without interface IP addresses, the firewall has no detectable presence on the network and malicious users wont be able to find the firewall at all. In addition, the firewall can inspect other non-IP traffic based solely on the EtherType field in the packet headers.
HTH _ please rate all useful Posts
06-13-2007 05:06 AM
thanks for this wonderful support,
If I want to upgrade IOS 6.3 to 7.6
is there any hardware configuration changes ?
I have pux515E-R With 16mb RAM
Thanks
06-18-2007 02:57 AM
Dear anandramapathy,
how I use third Port in Transparant Mode
Or I can use only two ports in transparent mode
Thanking you
Dipak Parmar
06-18-2007 03:32 AM
Third interface is not supported. Check the url below
Transparent mode?In transparent mode the PIX does not have IP addresses
assigned to its interfaces. Instead it acts as a Layer 2 bridge that
maintains a MAC address table and makes forwarding decisions based on that.
The use of full extended IP access lists is still available and the
firewall can inspect IP activity at any layer. In this mode of operation
the PIX is often referred to as a "bump in the wire" or "stealth firewall".
There are other significant differences as to how transparent mode operates
in comparison to routed mode:
Only two interfaces are supported?inside and outside
NAT is not supported or required since the PIX is no longer a hop.
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_qanda_item09186a00805b87d8.shtml
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide