Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
229
Views
0
Helpful
1
Replies

Live security level change on PIX

jigsaw2026
Level 1
Level 1

‎11-30-2007 02:01 AM - edited ‎03-11-2019 04:37 AM

Hi,

I need to change an interface security level from 100 to 85 while it is live. What are the implications for doing so?

Will each new packet be treated with the new level? And most importantly will there be any downtime or other side affects which will be noticable to users?

I have read on a previous post that a reboot is preferable - is this definitely the case and why so?

I'm running 7.0(1)on a PIX 535.

Any thoughts much appreciated.

Many thanks,

J

Labels:
0 Helpful
1 Reply 1

srue
Level 7
Level 7

‎11-30-2007 10:12 AM

I've never heard about this requiring a reboot. The only thing to be concerned about are the normal things when you change security levels, mainly how that affects communication with other interfaces. Also, if you're using the 'same-security-traffic..' command, how that affects it.

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a0080734db7.shtml

http://www.cisco.com/en/US/docs/security/asa/asa70/configuration/guide/intparam.html

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card