Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
807
Views
0
Helpful
4
Replies

asa in transparent mode

Go to solution
dhalevi
Level 1
Level 1

‎01-20-2011 04:45 AM - edited ‎03-11-2019 12:37 PM

hi,

I am trying to setup an ASA in transparent mode.  I have a 2950 connected to the inside interface and a 7200 connected to the outside interface.

I can't ping from the 2950 to the 7200.

As a sanity check I connect the 2950 and 7200 directly to each other and everything works as expected.  Does anyone have any ideas?

Here is the config on the ASA

ASA Version 7.2(2)
!
firewall transparent
hostname ciscoasa
enable password

names
!
interface Ethernet0/0
nameif outside
security-level 0
!
interface Ethernet0/1
nameif inside
security-level 100
!
interface Ethernet0/2
shutdown
no nameif
no security-level
!
interface Ethernet0/3
shutdown
no nameif
no security-level
!
interface Management0/0
no nameif
no security-level
ip address
management-only
!
passwd  encrypted
ftp mode passive
pager lines 24
mtu outside 1500
mtu inside 1500
no ip address
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet timeout 5
ssh timeout 5
console timeout 0
!
!
prompt hostname context
Cryptochecksum:: end

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
andamani
Cisco Employee
Cisco Employee

‎01-20-2011 04:59 AM

Hi,

Please assign a management IP address.

The link below will help in configuration of the transparent Fw.

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/fwmode.html#wp1202704

Regards,

Anisha

View solution in original post

0 Helpful
4 Replies 4

Go to solution
andamani
Cisco Employee
Cisco Employee

‎01-20-2011 04:59 AM

Hi,

Please assign a management IP address.

The link below will help in configuration of the transparent Fw.

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/fwmode.html#wp1202704

Regards,

Anisha

0 Helpful

Go to solution
dhalevi
Level 1
Level 1
In response to andamani

‎01-20-2011 05:15 AM

Thanks Anisha,

I had an ip address on the management interface before.

I took it off and applied it in config mode

ftp mode passive
pager lines 24
mtu outside 1500
mtu inside 1500
ip address 192.168.1.1 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1

The ip address is in the same subnet as all the other devices.  I can ping the management ip from both sides inside and outside, but I still can't ping accross the firewall.  Any other thoughts?

thanks!

0 Helpful

Go to solution
dhalevi
Level 1
Level 1
In response to andamani

‎01-20-2011 05:20 AM

i was expecting pings to go through  ... but I guess I have to add an acl for that.

I can telent accross so it is working now.

thanks for your help!

0 Helpful

Go to solution
andamani
Cisco Employee
Cisco Employee
In response to dhalevi

‎01-20-2011 05:24 AM

try fixup icmp or inspect icmp in the service policy

Regards,

Anisha

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card