Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
755
Views
0
Helpful
3
Replies

Layer 2 FOS

ditscap
Level 1
Level 1

‎10-26-2004 08:34 AM - edited ‎03-09-2019 09:13 AM

For a year and a half I have heard that Cisco is coming out with a new FOS that is capable of acting as a layer 2 firewall.

This was supposed to be out last feb?

When will this be released?

Labels:
0 Helpful
3 Replies 3

hoangbp
Level 1
Level 1

‎10-26-2004 03:47 PM

Hi DITSCAP:

I believe you are asking about Transparent Firewalling. Please check out the following links for more info on how it works and how to configure this on IOS-based routers with IOS version 12.3T and FWSM 2.2(1).

IOS 12.3T support:

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801ee193.html

Catalyst FWSM:

http://www.cisco.com/en/US/products/hw/modules/ps2706/prod_bulletin0900aecd800fa563.html

Hope this helps.

Thanks,

Binh

0 Helpful

ditscap
Level 1
Level 1
In response to hoangbp

‎10-26-2004 07:30 PM

I'm talking about the pix acting as a transparent layer 2 firewall. I remember reading about it in the summer of 03... the only reference I can find is from march 04, shown below. I keep hearing the new pix fos will be out soon... when? I needed this functionality last year and desperately need it now.

gfullage - CISCO SYSTEMS, CCIE

Mar 14, 2004, 1:12pm PST

The PIX can't currently act as a Layer 2 firewall, this functionality will be in the next major release of code due out later this year. For the moment you'll need a small subnet in between the ISP and the PIX.

If you don't want people to see the PIX then first thing is to make sure it doesn't respond to pings. Use the "icmp" command for that (http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/gl.htm#wp1026574). Make sure you allow ICMP unreachables to the outside interface though so Path MTU Discovery can work properly (http://www.cisco.com/warp/public/105/38.shtml#pmtud_fail).

Other than that it looks fine, pretty standard.

0 Helpful

scoclayton
Level 7
Level 7
In response to ditscap

‎10-27-2004 05:06 AM

The PIX 7.0 release (due in the January timeframe) will support a feature we are calling transparent firewalling (or L2 capable firewall). IOS firewall has supported this feature since last spring - not sure if that is where the confusion may be.

Hope this helps.

Scott

0 Helpful
Customers Also Viewed These Support Documents