Feature History For The Firewall Mode - Cisco ASA Series Cli Configuration Manual

Software version 9.0 for the services module

Hide thumbs Also See for ASA Series:

Configuration manual (429 pages)

Getting started (31 pages)

Mount and connect (12 pages)

Table of Contents

Configuring the Transparent or Routed Firewall

Feature History for the Firewall Mode

Feature History for the Firewall Mode

Feature Name

Transparent Firewall Mode

ARP inspection

MAC address table

Transparent firewall bridge groups

Mixed firewall mode support in multiple

context mode

lists each feature change and the platform release in which it was implemented.

8.5(1)/9.0(1)

Feature History for the Firewall Mode

Feature Information

A transparent firewall is a Layer 2 firewall that acts like a

"bump in the wire," or a "stealth firewall," and is not seen as

a router hop to connected devices.

We introduced the following commands: firewall

transparent, show firewall.

ARP inspection compares the MAC address, IP address, and

source interface in all ARP packets to static entries in the

We introduced the following commands: arp,

arp-inspection, and show arp-inspection.

Transparent firewall mode uses a MAC address table.

We introduced the following commands:

mac-address-table static, mac-address-table aging-time,

mac-learn disable, and show mac-address-table.

If you do not want the overhead of security contexts, or want

to maximize your use of security contexts, you can group

interfaces together in a bridge group, and then configure

multiple bridge groups, one for each network. Bridge group

traffic is isolated from other bridge groups. You can

configure up to 8 bridge groups in single mode or per

context in multiple mode, with 4 interfaces maximum per

bridge group.

Although you can configure multiple bridge groups

on the ASA 5505, the restriction of 2 data interfaces

in transparent mode on the ASA 5505 means you

can only effectively use 1 bridge group.

We introduced the following commands: interface bvi,

bridge-group, show bridge-group.

You can set the firewall mode independently for each

security context in multiple context mode, so some can run

in transparent mode while others run in routed mode.

We modified the following command: firewall

transparent.

Cisco ASA Series CLI Configuration Guide

Show Quick Links

Chapters

Table of Contents

Troubleshooting

Feature History For The Firewall Mode - Cisco ASA Series Cli Configuration Manual

Feature History for the Firewall Mode

Hide quick links:

Chapters

Troubleshooting

Related Manuals for Cisco ASA Series

Related Content for Cisco ASA Series

This manual is also suitable for:

Table of Contents