Transparent user context in an ASA with routed user contexts

SabeelShakeel00430 · ‎10-01-2021

Hi,

I'd like to know if its possible to create a transparent context on an ASA that has routed contexts. I've not seen anything that suggests the two context types can be mixed.

If its possible to do so, then I will need to trunk two vlans - in this example i'll use vlan 1 and vlan 2. i understand in a transparent set-up a BVI will need to be created per vlan and would like to know if its possible to have the same inbound and outbound vlan in a BVI eg:

BVI1:

inside interface - Vlan 1

Outside interface - Vlan 1

BVI ip address - 1.1.1.1

BVI2:

inside interface - Vlan 2

Outside interface - Vlan 2

BVI ip address - 2.2.2.2

Best Regards,

Sabeel

Chakshu Piplani · ‎10-01-2021

To answer the first part of your question, its supported from 9.0 and above to have mixed modes of firewall in multiple context

Source:https://www.ciscolive.com/c/dam/r/ciscolive/latam/docs/2015/pdf/BRKSEC-2021.pdf

Also tested this in lab:

ASA5585-X-1# sh firewall
    Context                 Mode
admin                       Router
test                        Transparent
ASA5585-X-1#

Regards,

Chakshu

Do rate helpful posts!

SabeelShakeel00430 · ‎10-01-2021

Hi,

Thank you so much for this. Would this mean i can also create bridge groups with the same vlans as mentioned previously or would I still need a different external vlan ?

Best Regards,

Sabeel