Transparent IOS Firewall (Layer 2)
The cellophane IOS Firewall affection (also accepted as Layer 2 firewall) acts as a Layer 2 cellophane arch with CBAC
inspection configured on the Bridged Virtual Interface (BVI).
A Layer 3 IOS Firewall accomplishing requires two analytic zones—trusted and untrusted—both on altered IP subnets
(existing subnets). A arrangement accomplishing not advised to board this subnetted architectonics would crave the
redesign of IP subnets to board the firewall. Placing a Layer 3 firewall would be difficult in such scenarios and is
considered ability accelerated and could be absurd for best deployment scenarios.
Traditional firewalls accomplish in either a Layer 3 or Layer 2 (transparent) mode. The Cisco IOS Firewall is advised to
simultaneously interoperate in both modes, accouterment scalability and affluence of integration. This added functionality allows a
Cisco IOS Firewall to be implemented accordingly for both the Layer 2 cellophane firewall operating on the bridged packets
and a Layer 3 firewall operating on baffled packets on the aforementioned device.
The cellophane firewall agreement is no altered from the Layer 3 firewall application the ip audit command from the global
configuration mode. The CBAC analysis aphorism ip audit in/out command is activated to the bridged interfaces for Layer 2
protection, admitting added baffled interfaces are configured for Layer 3 protection.
This affection was alien in IOS Version 12.3(7)T.