Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
338
Views
0
Helpful
2
Replies

FWSM - multiple interface and NAT

Go to solution
guru
Level 1
Level 1

‎02-10-2008 11:13 PM - edited ‎03-12-2019 05:57 PM

Hello:

I am in the process of configuring FWSM and want to have 3 inside interfaces and one outside. The Securty level for these interfaces as follows:

Outside - 0

Inside_1 - 80

Inside_2 - 70

Inside_3 - 60

But I don't want to perform NAT on any of them. Is this posiible (or do I have to setup same security levels for these interfaces to perform no NAT)?

Thanks in advance.........

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
anthony.baker
Level 1
Level 1

‎02-11-2008 02:22 AM

Hey,

You don't have to use NAT if you don't want to and the security levels don't have to be the same to achieve this. You will need to use the NAT 0 command though for each and statics to allow communication from lower to higher security-level.

I hope that helps.

Anthony

View solution in original post

0 Helpful

Go to solution
cisco24x7
Level 6
Level 6
In response to anthony.baker

‎02-11-2008 05:13 AM

With FWSM version 3.x or higher, the blade,

by default, will route traffics so you do

NOT have to do anything. You still need

ACL to go from low to high but NOT from high

to low.

If you still use fwsm version 2.x, you still

NEED to perform no NAT to go from high to

low

CCIE security

View solution in original post

0 Helpful
2 Replies 2

Go to solution
anthony.baker
Level 1
Level 1

‎02-11-2008 02:22 AM

Hey,

You don't have to use NAT if you don't want to and the security levels don't have to be the same to achieve this. You will need to use the NAT 0 command though for each and statics to allow communication from lower to higher security-level.

I hope that helps.

Anthony

0 Helpful

Go to solution
cisco24x7
Level 6
Level 6
In response to anthony.baker

‎02-11-2008 05:13 AM

With FWSM version 3.x or higher, the blade,

by default, will route traffics so you do

NOT have to do anything. You still need

ACL to go from low to high but NOT from high

to low.

If you still use fwsm version 2.x, you still

NEED to perform no NAT to go from high to

low

CCIE security

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card