03-21-2011 11:49 PM - edited 03-11-2019 01:10 PM
I am planning to integrate a Cisco ASA 5505 device into a running environment to filter IP traffic.
Internet ----router----ciscoasa----lan
The IP range is public (25.263.25.0/24) throughout the network (no private IPs).
Now, how do I set up the ASA in such a case and filter traffic coming into the LAN and going out to the Internet?
Please give input on this case only.
03-22-2011 04:34 AM
What sort of traffic would you like to allow outbound to the Internet from your LAN?
Here is an example:
Allowing HTTP and HTTPS outbound:
access-list inside-acl permit tcp <lan-subnet> <netmask> any eq 80
access-list inside-acl permit tcp <lan-subnet> <netmask> any eq 443
access-group inside-acl in interface inside
You can just add on to the above access-list for other traffic that you would like to allow going outbound from your public LAN subnet.
Hope this helps.
03-22-2011 06:08 AM
Jen,
I didn't configure the firewall yet and have no idea how to configure it, either in transparent mode or routed mode.
I need some input on firewall config in such a condition, where all IPs are in the same subnet.
03-22-2011 06:28 AM
Hi,
In case you want to use the ASA as an L2 device, then configure it in transparent mode. If you want to use it as an L3 device, configure it in routed mode.
The following thread explains the difference between them.
https://supportforums.cisco.com/message/3057421
Hope this helps.
Regards,
Anisha
- Do rate helpful posts.
03-24-2011 12:50 AM
Hi Anisha,
Will transparent mode filter L3 traffic (ACL)?
I mean, how do I configure the ASA in my case?
03-24-2011 05:48 AM
Hi,
The firewall in transparent mode will not filter L3 traffic, as it behaves like a bridge. It does not understand the IP address in transparent mode.
You can create a MAC-based ACL. The link for the same is below:
If you want to filter L3 traffic, then configure the ASA in routed mode.
Hope this helps.
Regards,
Anisha
P.S.: please mark this post as answered if you feel your query is answered. Do rate helpful posts.