ASA allowing traffic from lower security level to higher security level

Unanswered Question
May 25th, 2007
User Badges:

Hi all,

Do you know of any bug in ASA SW where it is possible by default to pass traffic from an interface with a lower security level to an interface with a higher security level?

Thank you,


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
joaopalmeida Fri, 05/25/2007 - 03:16
User Badges:

By the way, in my tests I found out that in SW version 7.x the only command necessary to pass traffic from the outside interface to the inside interface is an ACL in the outside interface. NAT is not necessary. In SW version 6.x this did not happen, both ACL and NAT were required.

Does anyone confirm this?

jaydhindsa Fri, 06/01/2007 - 15:16
User Badges:

thats right starting from train 7.0 this is the way.




This Discussion