FWSM sources mac-address of inside interface when passing traffic

Unanswered Question
Nov 27th, 2007
User Badges:

Why does the Firewall Services Module source the mac-address of the inside interface and not the mac-address of the outside interface when passing traffic outbound out of the outside interface to the outside world?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
owillins Tue, 12/04/2007 - 12:16
User Badges:
  • Silver, 250 points or more

Reason is each interface must have a security level from 0 (lowest) to 100 (highest). For example, you should assign your most secure network, such as the inside host network, to level 100, while the outside network connected to the Internet can be level 0. So traffic are sourced to inside network.


This Discussion