Firewall Mode Overview
This chapter describes how the firewall works in each firewall mode. To set the firewall mode, see the
"Setting Transparent or Routed Firewall Mode" section on page
This chapter includes the following sections:
•
•
Routed Mode Overview
In routed mode, the security appliance is considered to be a router hop in the network. It can use OSPF
or RIP (in single context mode). Routed mode supports many interfaces. Each interface is on a different
subnet. You can share interfaces between contexts.
This section includes the following topics:
•
•
IP Routing Support
The security appliance acts as a router between connected networks, and each interface requires an
IP address on a different subnet. In single context mode, the routed firewall supports OSPF and RIP.
Multiple context mode supports static routes only. We recommend using the advanced routing
capabilities of the upstream and downstream routers instead of relying on the security appliance for
extensive routing needs.
How Data Moves Through the Security Appliance in Routed Firewall Mode
This section describes how data moves through the security appliance in routed firewall mode, and
includes the following topics:
•
•
•
OL-12172-03
Routed Mode Overview, page 15-1
Transparent Mode Overview, page 15-6
IP Routing Support, page 15-1
How Data Moves Through the Security Appliance in Routed Firewall Mode, page 15-1
An Inside User Visits a Web Server, page 15-2
An Outside User Visits a Web Server on the DMZ, page 15-3
An Inside User Visits a Web Server on the DMZ, page 15-4
C H A P T E R
2-5.
Cisco Security Appliance Command Line Configuration Guide
15
15-1