Transparent firewall mode: as the name suggests, its main feature is that it is transparent to users, that is, users are not aware that the firewall exists.
Pros: Increased network security without changing the network topology.
Features: Transparent to users.
Applicable environment: the servers must use real Internet addresses, and hosts in different areas of the same subnet need to be protected.
Routed mode: forwards traffic based on IP addresses, i.e. a Layer 3 firewall.
Transparent mode: forwards traffic based on MAC addresses, i.e. a Layer 2 firewall.
Second, configuring transparent bridge mode on the Cisco ASA:
Clear the original configuration:
ciscoasa(config)# clear configure all
Set the firewall name:
ciscoasa(config)# hostname ciscoasa
Set the clock time zone (CST, UTC+8):
ciscoasa(config)# clock timezone CST 8
Check the current firewall mode (here it is still routed mode):
ciscoasa(config)# show firewall
Firewall mode: Router
Switch to transparent bridge mode:
ciscoasa(config)# firewall transparent
Configure the inside interface (the line coming in from the internal network):
interface gigabitethernet 1/1
nameif inside
security-level 100
bridge-group 1
no shutdown
Configure the outside interface (the internal network's outgoing line):
interface gigabitethernet 1/2
nameif outside
security-level 0
bridge-group 1
no shutdown
The commands above add G1/1 and G1/2 to bridge group 1.
Assign an IP address to the bridge group. It is used only for management traffic; the interface here is a BVI, similar to an SVI on a switch. Many newcomers find they cannot reach the firewall because they never bind this address!
interface bvi 1
ip address 192.168.10.2 255.255.255.0
Enable the HTTP server. Once it is enabled, the ASA can be configured from an intranet PC using ASDM.
http server enable
http 192.168.10.111 255.255.255.255 inside
Disable MAC learning. [After it is disabled, the firewall does not recognize new machines added to the intranet, and combined with ARP binding this prevents unbound PCs from accessing the server.]
Don't configure this yet!
mac-learn inside disable
mac-learn outside disable
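An offline check for the pitfalls mentioned above (a bridge group with no BVI address, an http management rule wider than one host, MAC learning disabled with no static entry), written in Python as an added example that is not part of the original page. The sample configuration is constructed, and the check assumes static entries are added with the ASA command mac-address-table static; with learning disabled and no static entries, no traffic passes through the ASA.

```python
import re

# Constructed sample: the page's configuration with the BVI address left out
# and MAC learning disabled without any static MAC entry.
SAMPLE = """\
firewall transparent
interface gigabitethernet 1/1
 nameif inside
 security-level 100
 bridge-group 1
interface gigabitethernet 1/2
 nameif outside
 security-level 0
 bridge-group 1
interface bvi 1
http server enable
http 192.168.10.111 255.255.255.255 inside
mac-learn inside disable
"""

def audit(config):
    """Return a list of findings for a transparent-mode ASA configuration."""
    findings, groups, bvi_ip, current = [], set(), set(), None
    lines = [l.strip().lower() for l in config.splitlines() if l.strip()]
    if "firewall transparent" not in lines:
        findings.append("not in transparent mode")
    for line in lines:
        if line.startswith("interface "):
            m = re.fullmatch(r"interface bvi\s*(\d+)", line)
            current = m.group(1) if m else None   # remember BVI context only
        elif m := re.fullmatch(r"bridge-group (\d+)", line):
            groups.add(m.group(1))
        elif line.startswith("ip address ") and current:
            bvi_ip.add(current)
        elif m := re.fullmatch(r"http (\S+) (\S+) (\S+)", line):
            if m.group(2) != "255.255.255.255":   # management allowed from a range
                findings.append(f"http access on {m.group(3)} is wider than one host")
    for g in sorted(groups - bvi_ip):
        findings.append(f"bridge-group {g} has no BVI ip address")
    static = {m.group(1) for l in lines
              if (m := re.fullmatch(r"mac-address-table static (\S+) \S+", l))}
    for l in lines:
        m = re.fullmatch(r"mac-learn (\S+) disable", l)
        if m and m.group(1) not in static:
            findings.append(f"mac-learn disabled on {m.group(1)} with no static MAC entry")
    return findings
```

Calling audit(SAMPLE) reports the missing BVI address and the mac-learn problem; the same configuration with the BVI address and a static MAC entry added returns an empty list.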