Thursday 27 February 2014

Transparent Firewall - ASA


Transparent Firewall

Acts like a layer 2 switch without IP, but can still do filtering, NAT, etc. ARP is allowed by default.
VPN is not supported, however. The ASA is managed via the console or the BVI.
All configuration is lost when the firewall mode is changed.
By default, a transparent ASA doesn't forward broadcast/multicast traffic (routing protocols, DHCP clients, BPDUs, etc.).

A transparent firewall does not participate in IP routing. The only IP configuration required on the ASA is the BVI address, which is needed because the ASA uses it as the source address for traffic originating on the ASA, such as system messages or communications with AAA servers. You can also use this address for remote management access. This address must be on the same subnet as the upstream and downstream routers.

ASA(config)#interface bvi 1
ASA(config-if)#ip address 10.1.1.5 255.255.255.0
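
For context, a fuller transparent-mode configuration around the BVI address above. This is an added example, not from the original post. The interface names, ACL names, router addresses 10.1.1.1 and 10.1.1.2, and the choice of OSPF as the routing protocol to let through are all assumptions.

```cisco
! Constructed example. Enter the mode change first: it clears the
! running configuration, so anything configured before it is lost.
firewall transparent
!
! Both data interfaces join the same bridge group; neither gets an IP.
interface GigabitEthernet0/0
 nameif outside
 security-level 0
 bridge-group 1
 no shutdown
!
interface GigabitEthernet0/1
 nameif inside
 security-level 100
 bridge-group 1
 no shutdown
!
! The only IP address on the firewall: source for syslog/AAA traffic
! and the target for remote management. Same subnet as both routers.
interface BVI1
 ip address 10.1.1.5 255.255.255.0
!
! Routing-protocol multicast is not forwarded by default, so OSPF
! between the routers must be permitted explicitly in both directions.
! Assumed addresses: 10.1.1.1 = upstream router, 10.1.1.2 = downstream.
access-list OUTSIDE_IN extended permit ospf host 10.1.1.1 any
access-list INSIDE_IN extended permit ospf host 10.1.1.2 any
! Applying an ACL to the inside interface replaces the implicit
! inside-to-outside permit, so restate it after the OSPF entry.
access-list INSIDE_IN extended permit ip any any
!
access-group OUTSIDE_IN in interface outside
access-group INSIDE_IN in interface inside
```

`show firewall` confirms the current mode, and `show access-list` hit counts on the OSPF entries show whether the routers' hellos are actually crossing the bridge.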
