15-13
Cisco Security Appliance Command Line Configuration Guide
OL-10088-01
Chapter 15 Firewall Mode Overview
Transparent Mode Overview
5. When the web server responds to the request, the security appliance adds the web server
MAC address to the MAC address table, if required, and because the session is already established,
the packet bypasses the many lookups associated with a new connection.
6. The security appliance forwards the packet to the inside user.
An Outside User Visits a Web Server on the Inside Network
Figure 15-10 shows an outside user accessing the inside web server.
Figure 15-10 Outside to Inside
The following steps describe how data moves through the security appliance (see Figure 15-10):
1. A user on the outside network requests a web page from the inside web server.
2. The security appliance receives the packet and adds the source MAC address to the MAC address
table, if required. Because it is a new session, it verifies that the packet is allowed according to the
terms of the security policy (access lists, filters, AAA).
For multiple context mode, the security appliance first classifies the packet according to a unique
interface.
3. The security appliance records that a session is established.
Host
209.165.201.2
209.165.201.1
209.165.200.230
Web Server
209.165.200.225
Management IP
209.165.201.6
Internet
92409
To Next Page
Loading...
Need help?
General