same-security-traffic permit intra-interface ??

Unanswered Question
Jul 9th, 2007


When I enable same-security-traffic permit intra-interface in pix then under two answer is correct ??

[same-security-traffic permit intra-interface"configuration command was issued. What are two purposes of this command?

a.It allows all of the VPN spokes in a hub-and-spoke configuration to be erminated on a single interface.

b.It permits communication in and out of the same interface when the traffic is IPSec protected.]



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
acomiskey Tue, 07/10/2007 - 04:51

The answer is 'b'. Except that it is not entirely correct. For versions earlier than 7.2(1), it is required that at least one arm of the hairpinned traffic (inbound or outbound) be encrypted. From 7.2(1) and later, this requirement is no longer in place. Both the traffic inbound and the traffic outbound might be unencrypted when you use 7.2(1).

Please rate helpful posts.


This Discussion