Showing results for 
Search instead for 
Did you mean: 

Transparent Firewall

Level 1
Level 1

If you want to manage a transparent firewall that resides in a different VLAN/IP subnet do you just add a route to the transparent firewall back to the managing host?

4 Replies 4

Level 5
Level 5

A typical Cisco IOS Firewall is a Layer 3 device with trusted and untrusted interfaces on different IP subnets. A Layer 3 firewall works well with Cisco IOS devices that function as routers with preexisting subnet separations. However, when a Layer 3 firewall is placed in an existing network, the network IP addresses must be reconfigured to accommodate the firewall.

A transparent Cisco IOS firewall acts as a Layer 2 transparent bridge with context-based access control (CBAC) and ACLs configured on the bridged interface. Because the Layer 2 firewall intercepts packets at Layer 2 and is "transparent" to the existing network, Layer 3 firewall limitations are not applicable.

Collin Clark
VIP Alumni
VIP Alumni

Transparent firewall mode on the security appliance allows only two interfaces to pass through traffic. However, you can set up a dedicated management interface, which can be either a physical interface or a subinterface, as a third interface. This interface must be set up for the management-only command. Place this interface into your management VLAN.

Hope that helps.

Hello. PTI

Will this scenario support TACACS+ commands? Want to enable report generation in TAACS+ Administration.

Yes it should.

Review Cisco Networking for a $25 gift card