same-security-traffic permit intra-interface ??

Unanswered Question
Jul 9th, 2007
User Badges:


When I enable same-security-traffic permit intra-interface in pix then under two answer is correct ??

[same-security-traffic permit intra-interface"configuration command was issued. What are two purposes of this command?

a.It allows all of the VPN spokes in a hub-and-spoke configuration to be erminated on a single interface.

b.It permits communication in and out of the same interface when the traffic is IPSec protected.]



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
acomiskey Tue, 07/10/2007 - 04:51
User Badges:
  • Green, 3000 points or more

The answer is 'b'. Except that it is not entirely correct. For versions earlier than 7.2(1), it is required that at least one arm of the hairpinned traffic (inbound or outbound) be encrypted. From 7.2(1) and later, this requirement is no longer in place. Both the traffic inbound and the traffic outbound might be unencrypted when you use 7.2(1).

Please rate helpful posts.


This Discussion