Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1167
Views
5
Helpful
1
Replies

How to make an ASA 5506-X REALLY transparent?

Halkyn
Level 1
Level 1

‎12-28-2022 04:30 PM

I want to insert a spare ASA 5506-X between a core switch and an internet gateway (both non Cisco kit), purely to act as a Netflow source.

I've put the ASA into transparent mode, setup the BVI interface with an IP and assigned two of the physical interfaces to the bridge group. I've named one "Inside" which will connect to the switch, and the other "Outside" which will connect to the gateway. I've assigned both a security level of 100- So far, so good.

I don't want the ASA to control or filter any traffic, either inbound or outbound, as the gateway handles all that.

Is there anything else I need to do such as adding access list(s) to allow traffic to flow freely between the interfaces? If so, what would they look like?

Thanks.

 

1 Reply 1

MHM Cisco World
VIP
VIP

‎12-28-2022 04:43 PM - edited ‎12-28-2022 04:51 PM

I don't want the ASA to control or filter any traffic <<- I think this is not possible, since even if you permit any any traffic still the ASA inspect the traffic and this step cannot bypass.
one option here if it work with netflow you need is config GRE tunnel between CoreSW and InternetGW and hence the ASA always see GRE packet and inside data it can not see and cannot inspect. 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card