Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1090
Views
0
Helpful
2
Replies

Bridge Groups, are they required?

Go to solution
patoberli
VIP Alumni
VIP Alumni

‎06-15-2012 04:21 AM - edited ‎03-11-2019 04:19 PM

Hi All

I'm currently a tad confused about Bridge Groups and ASA/FWSM in transparent more. Are they really required or not?

Here one sample: http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/interface_complete_transparent.html

It's written:

At least one bridge group is required per context or in single mode.

So that really sounds like yes you need one.

Where as this config sample here: http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008089f467.shtml or many others I found online, never have a bridge group configured.


Could somebody please enlighten me about what is correct?

And does it matter if it's an active/standby configuration?

Thanks a lot

pato

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee

‎06-18-2012 01:48 PM

Pato,

It depends.  On the newer ASA and FWSM you need the BVI. It is just to configure the management IP. This is required.

The old link (the second one that you listed) has the management IP (not under the int BVI) but on the newer ASA code you can see it is configured under the int BVI as you can see here:

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/interface_complete_transparent.html#wp1382356

-Kureli

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee

‎06-18-2012 01:48 PM

Pato,

It depends.  On the newer ASA and FWSM you need the BVI. It is just to configure the management IP. This is required.

The old link (the second one that you listed) has the management IP (not under the int BVI) but on the newer ASA code you can see it is configured under the int BVI as you can see here:

http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/interface_complete_transparent.html#wp1382356

-Kureli

0 Helpful

Go to solution
patoberli
VIP Alumni
VIP Alumni
In response to Kureli Sankar

‎06-18-2012 11:32 PM

Thanks for your answer. I was led to this question because we seem to hit

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCti13482 even in 8.4.3

I had the hope that it might be because of the BVI, but seems not so.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card