Hi Steven, You need ACLs when using transparent mode. You'll also need to add routes for traffic passing through it that's outside of the local subnet.
Jason Sent from my iPhone On Sep 1, 2012, at 4:02 PM, Steven van Jaarsveld <[email protected]> wrote: > Hi List > > I am trying to implement an ASA5520 with an AIM-SSP-20 IPS Module in > transparent mode between an existing Cisco ASA FW that performs NAT and the > client’s Internet Router. The reason the customer wants the IPS here is to > scan the traffic that is destined for the Web Production DMZ. I have > configured the ASA5520 with an IP Address in the same Subnet as the Subnet > between the Internet Router and the Existing ASA but I am not getting any joy > with passing traffic through the FW. I have disabled the IPS for now. Below > is a diagram and the ASA configuration is attached > > <image003.png> > > > Regards > Steven > <MZSW-MCNET-IPSFW - 2012-09-01.txt> > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
