15-9
Cisco Security Appliance Command Line Configuration Guide
OL-12172-01
Chapter 15 Firewall Mode Overview
Transparent Mode Overview
Using the Transparent Firewall in Your Network
Figure 15-6 shows a typical transparent firewall network where the outside devices are on the same
subnet as the inside devices. The inside router and hosts appear to be directly connected to the outside
router.
Figure 15-6 Transparent Firewall Network
Transparent Firewall Guidelines
Follow these guidelines when planning your transparent firewall network:
• A management IP address is required; for multiple context mode, an IP address is required for each
context.
Unlike routed mode, which requires an IP address for each interface, a transparent firewall has an
IP address assigned to the entire device. The security appliance uses this IP address as the source
address for packets originating on the security appliance, such as system messages or AAA
communications.
The management IP address must be on the same subnet as the connected network. You cannot set
the subnet to a host subnet (255.255.255.255).
You can configure an IP address for the Management 0/0 management-only interface. This IP
address can be on a separate subnet from the main management IP address.
• The transparent security appliance uses an inside interface and an outside interface only. If your
platform includes a dedicated management interface, you can also configure the management
interface or subinterface for management traffic only.
10.1.1.1
10.1.1.2
Management IP
10.1.1.3
192.168.1.2
Network A
Network B
Internet
92411