We are looking for some clarification regarding running a Cisco ASA in transparent mode with multiple contexts. Our current network design is the following - Collapsed Core/Aggregation Layer running Cisco 3750s. The 2 Cisco 3750s are using SVIs with HSRP for default gateways per customer with a total of 8 customers. Each customer is segregated into seperate VLANs with Cisco 2960 switches used in the Access layer. Each customer has 2 Cisco 2960 switches with redundant uplinks to the Core/Aggregation layer. Customers are spanning tree loadbalanced between core/aggregation switches. What we need to now do is add two transparent firewalls into the mix in either an active/active or active/standby setup. We need the firewalls to support all 8 customers, therefore we are guessing they need to run in multiple context mode. Having read into this it has left me somewhat confused as to how to integrate them into the above setup as a bump in the wire so to speak.
You would need to create 8 transparent contexts (one per customer) and assign 2 vlans in the same subnet to each customer. For example:vlan 1 and 11 for customer 1vlan 2 and 20 for customer 2vlan 3 and 30 for customer 2and so on.
Please click here for config examples to setup Multiple modes, transparent firewall with Outside access.
Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.