PIX Transparent mode with failover

Posted on 2006-03-25
Last Modified: 2013-11-16
I am a little confused about transparent mode with failover. To explain my confusion,

Let's take the scenario of routed mode in this topology:
LAN router ====== PIX ====== Internet router

In the above diagram, there is a single PIX firewall connecting physically via CAT5 to each of the routers. If I want to add a second PIX, I would have to also get a switch and configure two VLAN's on the switch. In this instance, I would then connect the (2) PIX inside interfaces and the inside router to VLAN1 and would connect the (2) PIX outside interfaces and the outside router to VLAN2.

How would you accomplish the above if you are doing transparent mode along with failover?

Thank you
Question by:billwharton
    LVL 79

    Accepted Solution

    Hey, Bill...
    This document clearly shows that it can be done

    I don't have a way to test, but I would suspect it would be exactly as you would configure it for routed mode
    VLAN on inside with LAN router and 2x PIX inside
    VLAN or another switch on outside with 2x PIX outside and Inet router LAN
    LVL 11

    Author Comment

    Cisco says that in transparent mode, both inside & outside interface should be part of the same vlan/subnet
    LVL 79

    Expert Comment

    Yes, in the same IP subnet, but I would think that having a seperate switch on either side, or separate VLAN would make its job easier.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    Suggested Solutions

    Title # Comments Views Activity
    Exchange 2016 8 51
    Cisco SG300 VLAN problem 8 33
    Cisco MSRP pricing 5 41
    VPN Client  - Windows 10 11 104
    Overview The Cisco PIX 501, PIX 506e, ASA 5505 and ASA 5510 (most if not all of this information will be relevant to the PIX 515e but I do not have a working configuration handy to verify the validity) are primarily used within small to medium busi…
    I recently updated from an old PIX platform to the new ASA platform.  While upgrading, I was tremendously confused about how the VPN and AnyConnect licensing works.  It turns out that the ASA has 3 different VPN licensing schemes. "site-to-site" …
    Need more eyes on your posted question? Go ahead and follow the quick steps in this video to learn how to Request Attention to your question. *Log into your Experts Exchange account *Find the question you want to Request Attention for *Go to the e…
    Excel styles will make formatting consistent and let you apply and change formatting faster. In this tutorial, you'll learn how to use Excel's built-in styles, how to modify styles, and how to create your own. You'll also learn how to use your custo…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now