Re: ASA in transparent mode and IP addresses

marco · ‎02-08-2008

Hello,

I need to put an ASA in transparent mode.

Our router (managed by the carrier) routes more than one public IP class in a single VLAN.

On the "Cisco Security Appliance Command Line Configuration guide", in "Trasnaprent Firewall Guidelines" it's written: "Each directly connected network must be on the same network".

This means also that I can have ONLY ONE subnet that flows fron the outside and the inside, or can I have more than one class?

If I can have only one class, the only solution is to use multiple context (and separate each classes in different interfaces)?

Thanks a lot

marco · ‎02-13-2008

No one can help me?

Thanks a lot.

marco · ‎02-18-2008

Auto answer: there is no limit on the number of IP classes that can flow through the ASA in transparent mode.

Thanks anyway.

Marco.

fashour · ‎02-19-2008

The ASA in trasparent mode works at layer 2. So it really does not care if the traffic that flows through it is from different subnet as long as the L3 devices it connects to knows how to reach these subnet. TheASA in transparent is basically a bump in the wire (a bridge) and for that reason you can only use 2 interfaces on the ASA in transparent implementation.

P.S. When people see attitude in your threads, they will refrain from answering your question. That's for future reference.