Hi All

This is working now. I rechecked the Switch interfaces and the Interface connecting to the “Inside” Interface of the Transparent FW was configured as a Trunk. Changed this to an Access Port and traffic is passing through the Transparent FW now. Sending this email whilst connected to the LAN and going through both the Routed FW and the Transparent FW.

Thanks for all the advice

Regards
Steven

From: Jason Madsen [mailto:[email protected]]
Sent: 02 September 2012 12:58 AM
To: Steven van Jaarsveld
Cc: ccie_security
Subject: Re: [OSL | CCIE_Security] Transparent Firewall With IPS

You need a unique VLAN on the FW on IN and OUT.

Jason

Sent from my iPhone

On Sep 1, 2012, at 4:02 PM, Steven van Jaarsveld <[email protected]> wrote:

Hi List

I am trying to implement an ASA5520 with an AIM-SSP-20 IPS Module in transparent mode between an existing Cisco ASA FW that performs NAT and the client’s Internet Router. The reason the customer wants the IPS here is to scan the traffic that is destined for the Web Production DMZ.

I have configured the ASA5520 with an IP Address in the same Subnet as the Subnet between the Internet Router and the Existing ASA but I am not getting any joy with passing traffic through the FW. I have disabled the IPS for now.

Below is a diagram and the ASA configuration is attached

<image003.png>

Regards
Steven

<MZSW-MCNET-IPSFW - 2012-09-01.txt>

_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com

Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
