I am in the process of configuring FWSM and want to have 3 inside interfaces and one outside. The Securty level for these interfaces as follows:
Outside - 0
Inside_1 - 80
Inside_2 - 70
Inside_3 - 60
But I don't want to perform NAT on any of them. Is this posiible (or do I have to setup same security levels for these interfaces to perform no NAT)?
Thanks in advance.........
With FWSM version 3.x or higher, the blade,
by default, will route traffics so you do
NOT have to do anything. You still need
ACL to go from low to high but NOT from high
If you still use fwsm version 2.x, you still
NEED to perform no NAT to go from high to
You don't have to use NAT if you don't want to and the security levels don't have to be the same to achieve this. You will need to use the NAT 0 command though for each and statics to allow communication from lower to higher security-level.
I hope that helps.