EasyManuals Logo
Home>Cisco>Network Hardware>ASA Series

Cisco ASA Series User Manual

Cisco ASA Series
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #146 background imageLoading...
Page #146 background image
1-10
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring the Transparent or Routed Firewall
Configuring ARP Inspection for the Transparent Firewall
Detailed Steps
Configuring ARP Inspection for the Transparent Firewall
This section describes how to configure ARP inspection and includes the following topics:
Task Flow for Configuring ARP Inspection, page 1-10
Adding a Static ARP Entry, page 1-10
Enabling ARP Inspection, page 1-11
Task Flow for Configuring ARP Inspection
To configure ARP Inspection, perform the following steps:
Step 1 Add static ARP entries according to the Adding a Static ARP Entry” section on page 1-10. ARP
inspection compares ARP packets with static ARP entries in the ARP table, so static ARP entries are
required for this feature.
Step 2 Enable ARP inspection according to the “Enabling ARP Inspection” section on page 1-11.
Adding a Static ARP Entry
ARP inspection compares ARP packets with static ARP entries in the ARP table. Although hosts identify
a packet destination by an IP address, the actual delivery of the packet on Ethernet relies on the Ethernet
MAC address. When a router or host wants to deliver a packet on a directly connected network, it sends
an ARP request asking for the MAC address associated with the IP address, and then delivers the packet
to the MAC address according to the ARP response. The host or router keeps an ARP table so it does not
have to send ARP requests for every packet it needs to deliver. The ARP table is dynamically updated
whenever ARP responses are sent on the network, and if an entry is not used for a period of time, it times
out. If an entry is incorrect (for example, the MAC address changes for a given IP address), the entry
times out before it can be updated.
Note The transparent firewall uses dynamic ARP entries in the ARP table for traffic to and from the ASA,
such as management traffic.
Command Purpose
firewall transparent
Example:
hostname(config)# firewall transparent
Sets the firewall mode to transparent. To change the mode to routed, enter
the no firewall transparent command.
Note You are not prompted to confirm the firewall mode change; the
change occurs immediately.

Table of Contents

Other manuals for Cisco ASA Series

Preview: Configuration Guide
Configuration Guide428 pages
Preview: Mount And Connect
Mount And Connect12 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA Series and is the answer not in the manual?

Cisco ASA Series Specifications

General IconGeneral
BrandCisco
ModelASA Series
CategoryNetwork Hardware
LanguageEnglish

Related product manuals