6-2. Routed Firewall Mode and Address Translation

When a firewall has IP addresses assigned to its interfaces, it acts as a router hop for packets passing through it. As well, all the traffic inspection and forwarding decisions are based on Layer 3 (IP address) parameters. This is called routed firewall mode.

NOTE

Cisco firewalls running PIX release 6.3 or earlier operate solely in routed firewall mode. Beginning with FWSM 2.2(1) and PIX 7.0, you can configure a firewall to operate in either routed or transparent firewall mode, but not both.

Each firewall interface must be connected to a different IP subnet and be assigned an IP address on that subnet. When a routed firewall is installed or inserted into a network for the first time, the network ...

Get Cisco ASA and PIX Firewall Handbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.