Contents
vii
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Configuring ARP Inspection for the Transparent Firewall 5-8
Information About ARP Inspection 5-8
Licensing Requirements for ARP Inspection 5-8
Default Settings 5-9
Guidelines and Limitations 5-9
Configuring ARP Inspection 5-9
Task Flow for Configuring ARP Inspection 5-9
Adding a Static ARP Entry 5-9
Enabling ARP Inspection 5-10
Feature History for ARP Inspection 5-11
Customizing the MAC Address Table for the Transparent Firewall 5-11
Information About the MAC Address Table 5-11
Licensing Requirements for the MAC Address Table 5-12
Default Settings 5-12
Guidelines and Limitations 5-12
Configuring the MAC Address Table 5-13
Adding a Static MAC Address 5-13
Disabling MAC Address Learning 5-13
Feature History for the MAC Address Table 5-14
Firewall Mode Examples 5-14
How Data Moves Through the Security Appliance in Routed Firewall Mode 5-14
An Inside User Visits a Web Server 5-15
An Outside User Visits a Web Server on the DMZ 5-16
An Inside User Visits a Web Server on the DMZ 5-17
An Outside User Attempts to Access an Inside Host 5-18
A DMZ User Attempts to Access an Inside Host 5-19
How Data Moves Through the Transparent Firewall 5-20
An Inside User Visits a Web Server 5-21
An Inside User Visits a Web Server Using NAT 5-22
An Outside User Visits a Web Server on the Inside Network 5-23
An Outside User Attempts to Access an Inside Host 5-24
PART
2 Setting up the Adaptive Security Appliance
CHAPTER
6 Configuring Multiple Context Mode 6-1
Information About Security Contexts 6-1
Common Uses for Security Contexts 6-2
Context Configuration Files 6-2
Context Configurations 6-2