OK, I've got to blog this. Personally, I had not configured a Layer 2 transparent firewall on a Cisco router, but this seems an interesting, useful and powerful feature to me. I never knew that modern Cisco routers have Layer 2 firewall capabilities until this very moment. This transparent firewall works in a similar way to a Layer 3 firewall, except that it is totally transparent and requires bridging to be configured. Both Integrated Routing and Bridging (IRB) and a Bridge Virtual Interface (BVI) need to be configured in order for it to work.
"A transparent Cisco IOS firewall acts as a Layer 2 transparent bridge with context-based access control (CBAC) and ACLs configured on the bridged interface."
So, transparent firewalling works in coordination with CBAC too, which provides even more stringent security measures on the interfaces. So on the same router, I can have both Layer 2 and Layer 3 firewalls running at the same time, with IRB providing Layer 2 bridging on interfaces and the BVI providing Layer 3 routing of packets. A detailed step-by-step configuration and explanation can be found here:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios123/123newft/123t/123t_7/gt_trans.htm
I am looking forward to configuring a Layer 2 transparent firewall one of these days :)
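A minimal sketch of the setup described above, as an added example that is not configuration from the original post or from Cisco's guide. The interface names, bridge-group number, inspection rule name L2FW, ACL 101 and the 192.0.2.0/24 addresses are assumptions.

```cisco
! Added example, not from the original post. Interface names, bridge-group 1,
! the rule name L2FW, ACL 101 and the 192.0.2.0/24 addresses are assumptions.
!
! Enable Integrated Routing and Bridging and define the bridge group
bridge irb
bridge 1 protocol ieee
! Let the BVI route IP for the bridge group (used here for management access)
bridge 1 route ip
!
! CBAC inspection rule: track sessions opened from the inside segment
ip inspect name L2FW tcp
ip inspect name L2FW udp
ip inspect name L2FW icmp
!
! Inside segment: bridged, no IP address, inspect traffic entering here
interface FastEthernet0/0
 no ip address
 bridge-group 1
 ip inspect L2FW in
!
! Outside segment: bridged, no IP address, filter traffic entering here
interface FastEthernet0/1
 no ip address
 bridge-group 1
 ip access-group 101 in
!
! Layer 3 presence of the bridge group; hosts on both sides share this subnet
interface BVI1
 ip address 192.0.2.1 255.255.255.0
 no shutdown
!
! Allow HTTPS to one inside server (constructed address), drop and log the rest;
! return traffic for inside-initiated sessions is admitted by CBAC state
access-list 101 permit tcp any host 192.0.2.10 eq 443
access-list 101 deny ip any any log
```

`show ip inspect sessions` and `show access-lists 101` confirm that bridged sessions are being tracked and that unsolicited traffic is hitting the deny entry.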
Saturday, 24 March 2007
Transparent Layer 2 Firewall
05.29