ASA allowing traffic from lower security level to higher security level

Unanswered Question
May 25th, 2007

Hi all,

Do you know of any bug in ASA SW where it is possible by default to pass traffic from an interface with a lower security level to an interface with a higher security level?

Thank you,

John

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
joaopalmeida Fri, 05/25/2007 - 03:16

By the way, in my tests I found out that in SW version 7.x the only command necessary to pass traffic from the outside interface to the inside interface is an ACL in the outside interface. NAT is not necessary. In SW version 6.x this did not happen, both ACL and NAT were required.

Does anyone confirm this?

Actions

This Discussion