FWSM blocks same-security-traffic

Answered Question
Mar 30th, 2007

Hi,

Firewall blocks traffic between two level-0 interfaces.

"same-security-traffic permit inter-interface" is configured. The access-list is correct and the log contains without matches:

"Mar 30 13:52:51 pix Mar 30 2007 13:55:13 z084nlf-h008001 : %FWSM-4-106023: Deny udp src OUTSIDE2:10.27.136.253/123 dst OUTSIDE1:10.27.242.45/123 by access-group "" [0x0, 0x0]"

I do not know why.

Release: 3.1(3), WS-SVC-FWM-1

Regards.

Volker

Correct Answer
David White Fri, 03/30/2007 - 06:59

You need to specify an ACL on OUTSIDE2 interface to permit that traffic. Currently, no ACL is defined, and therefore, by default all traffic is denied.

Sincerely,

David.

VOLKER JANUSCH Fri, 03/30/2007 - 07:11

Sorry!!!!!!!!!!!!!!

What a stupid failure:

There was no access-group command configured.

Many Thanks.

Volker

VOLKER JANUSCH Fri, 03/30/2007 - 07:05

Hi David,

the access-list is already configured on interface OUTSIDE2.

Greetings.

Volker
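
An added example, not part of the original thread: a small Python filter that scans syslog for %FWSM-4-106023 denies whose access-group name is empty, as in the log line posted above, and counts them per ingress interface. Reading an empty name as "no access-group bound to that interface" is an inference from this thread's resolution; the function names are hypothetical and every sample line except the first is constructed.

```python
import re
from collections import Counter

# 106023 deny message, in the layout of the log line quoted in this thread.
# Ports are optional so ICMP denies (no port, "(type x, code y)") also match.
DENY_106023 = re.compile(
    r'%(?:FWSM|ASA|PIX)-4-106023: Deny (?P<proto>\S+) '
    r'src (?P<src_if>[^:\s]+):(?P<src_ip>[\d.]+)(?:/(?P<src_port>\d+))? '
    r'dst (?P<dst_if>[^:\s]+):(?P<dst_ip>[\d.]+)(?:/(?P<dst_port>\d+))?'
    r'.*? by access-group "(?P<acl>[^"]*)"'
)

def parse_deny(line):
    """Return the fields of a 106023 deny as a dict, or None for other lines."""
    m = DENY_106023.search(line)
    return m.groupdict() if m else None

def interfaces_without_acl(lines):
    """Count 106023 denies per ingress interface where the ACL name is empty.

    Assumption (from this thread): an empty access-group name means the
    packet hit the implicit deny because no access-group is applied there.
    """
    hits = Counter()
    for line in lines:
        rec = parse_deny(line)
        if rec and rec["acl"] == "":
            hits[rec["src_if"]] += 1
    return hits

SAMPLE_LINES = [
    # Line from the original post.
    'Mar 30 13:52:51 pix Mar 30 2007 13:55:13 z084nlf-h008001 : '
    '%FWSM-4-106023: Deny udp src OUTSIDE2:10.27.136.253/123 '
    'dst OUTSIDE1:10.27.242.45/123 by access-group "" [0x0, 0x0]',
    # Constructed: deny by a named ACL, so an ACL is bound to this interface.
    'Mar 30 13:56:02 pix Mar 30 2007 13:58:24 fw-example : '
    '%FWSM-4-106023: Deny icmp src OUTSIDE1:192.0.2.10 '
    'dst OUTSIDE2:192.0.2.20 (type 8, code 0) '
    'by access-group "EXAMPLE_ACL" [0x0, 0x0]',
    # Constructed: unrelated line that must be ignored.
    'Mar 30 13:56:10 pix unrelated message',
]

if __name__ == "__main__":
    for ifname, count in interfaces_without_acl(SAMPLE_LINES).items():
        print(f"{ifname}: {count} deny(s) with empty access-group name; "
              f"check that an access-group is applied to this interface")
```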
