ASA 55xx in transparent mode - switch ARP table?

itakacs01
Level 1

Guys,

 

It's a basic question about how transparent mode firewalls communicate with the connecting switches.

My understanding is that if I separate the LAN, e.g. 10.1.1.x, with a transparent firewall, then it will only "snoop" the traffic and will not change anything in the Ethernet header.

Is that correct, or will it still replace the MAC address with the firewall's physical interface address to send the frame to the connecting switch?

e.g.

 

client--------->switch------->transparent 5510-------->switch---------->server

10.1.1.1                                                                                              10.1.1.100

 

When the client sends the ARP request to look up the hardware address of the server, what will it receive back?

The MAC address of the transparent ASA, or the server?

 

Thank you!

2 Replies

nkarthikeyan
Level 7

I believe it will not replace the MAC address of the server and add its own MAC address. Let me check by doing a small lab and reconfirm the same to you.

 

Regards

Karthik

The source MAC address is never changed if the traffic is passing through the same IP subnet (VLAN). Here the firewall is in transparent mode, and if it alters the source MAC address, communication will not happen. This is a very fundamental network concept. However, it may recreate the same frame with the same source/destination MAC addresses.
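
One way to check the behaviour discussed in this thread is to capture the same ARP reply on both sides of the firewall and compare the layer 2 fields. The following is an added example, not part of the original posts: the IP addresses are the ones from the question, while the MAC addresses, frame bytes and function names are constructed for illustration.

```python
import struct

def mac(b):
    """Format 6 raw bytes as aa:bb:cc:dd:ee:ff."""
    return ":".join(f"{x:02x}" for x in b)

def parse_frame(frame):
    """Parse an Ethernet II header and, for EtherType 0x0806, the ARP payload."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    info = {"dst": mac(frame[0:6]), "src": mac(frame[6:12]),
            "ethertype": struct.unpack("!H", frame[12:14])[0]}
    if info["ethertype"] == 0x0806:
        if len(frame) < 42:
            raise ValueError("truncated ARP payload")
        htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
        if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
            raise ValueError("not an Ethernet/IPv4 ARP packet")
        info.update(op=op, sha=mac(frame[22:28]), spa=".".join(map(str, frame[28:32])),
                    tha=mac(frame[32:38]), tpa=".".join(map(str, frame[38:42])))
    return info

def compare_sides(server_side, client_side, firewall_macs=()):
    """Findings for one frame seen on both segments; [] means unchanged at layer 2."""
    a, b = parse_frame(server_side), parse_frame(client_side)
    findings = [f"{k} changed: {a.get(k)} -> {b.get(k)}"
                for k in sorted(set(a) | set(b)) if a.get(k) != b.get(k)]
    findings += [f"{k} is a firewall interface MAC: {b[k]}"
                 for k in ("src", "sha") if b.get(k) in firewall_macs]
    return findings

def arp_reply(eth_src, sha, spa, tha, tpa):
    """Build a 42-byte ARP reply (op 2) for the constructed samples below."""
    h = lambda m: bytes.fromhex(m.replace(":", ""))
    ip = lambda s: bytes(map(int, s.split(".")))
    return (h(tha) + h(eth_src) + struct.pack("!HHHBBH", 0x0806, 1, 0x0800, 6, 4, 2)
            + h(sha) + ip(spa) + h(tha) + ip(tpa))

# Constructed sample data: IPs are from the post, all MACs are made up.
CLIENT, SERVER, FW = "02:00:00:00:00:01", "02:00:00:00:00:64", "02:00:00:00:00:fe"
SERVER_SIDE = arp_reply(SERVER, SERVER, "10.1.1.100", CLIENT, "10.1.1.1")
CLIENT_SIDE_SAME = bytes(SERVER_SIDE)  # frame bridged without modification
CLIENT_SIDE_REWRITTEN = arp_reply(FW, FW, "10.1.1.100", CLIENT, "10.1.1.1")

if __name__ == "__main__":
    print(compare_sides(SERVER_SIDE, CLIENT_SIDE_SAME, {FW}))
    for finding in compare_sides(SERVER_SIDE, CLIENT_SIDE_REWRITTEN, {FW}):
        print(finding)
```

An empty findings list for a frame captured on both segments means the source MAC and the ARP sender hardware address reached the client unchanged.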
 
