Jon Marshall Wed, 11/21/2007 - 03:40
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Hi Peter

Yes you do need to explicitly allow traffic with an access-list even if traffic is going from the inside interface (highest security level) to the outside (lowest security level).

But all the other rules still apply in that you can give interfaces the same security level and have traffic flow between them without access-list, you still need to setup static NAT translations for lower to higher level security interfaces (unless you turn off NAT) so it's still pretty much the same as you are presumably used to.




This Discussion