ASA 5505, v7.2: how can I block traffic?

Aug 20th, 2008

Hi, can I block the traffic between the same ports of the ASA? For example, the ASA 5505 has 8 ports; Ethernet ports 1 to 7 are for the inside VLAN, and I want to know if I can filter traffic using an ACL between Ethernet ports 1 and 2, for example. If so, how can I do that?

Ethernet port 0 is for the outside interface.

Thanks

Farrukh Haroon Wed, 08/20/2008 - 19:02

Just put an ACL on both interfaces to block the traffic.

But make sure you permit the rest :)

You can also assign them the same security level and not enable "same-security-traffic permit inter-interface".

Regards

Farrukh

dhananjoy chowdhury Wed, 08/20/2008 - 19:02

By default, the same security level interfaces cannot communicate with one another.

To allow communication between interfaces of the same security level use the command

"same-security-traffic permit inter-interface"

You can also use an ACL, something like this:

access-list one2two permit ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0

access-group one2two in interface inside
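
Added example (not part of either reply above): a sketch of both suggestions combined on a 5505. ACLs are applied on the named VLAN interfaces, not between switch ports in the same VLAN, so ports 1 and 2 are placed in separate VLANs here. The VLAN numbers, interface names, gateway addresses and ACL names are made up for illustration; the subnets are the ones from the reply above, and it assumes the license allows a second fully functional inside VLAN.

```cisco
! Constructed example: VLAN IDs, nameifs and ACL names are hypothetical.
interface Vlan10
 nameif inside1
 security-level 100
 ip address 10.1.1.1 255.255.255.0
!
interface Vlan20
 nameif inside2
 security-level 100
 ip address 10.2.2.1 255.255.255.0
!
! Put the two physical ports into different VLANs so traffic between
! them has to cross the firewall instead of being switched locally.
interface Ethernet0/1
 switchport access vlan 10
!
interface Ethernet0/2
 switchport access vlan 20
!
! Both interfaces share security level 100. As long as
! "same-security-traffic permit inter-interface" is NOT configured,
! they cannot reach each other at all.
!
! Explicit ACLs on both interfaces: block the other inside subnet,
! then permit the rest so other traffic keeps working.
access-list inside1_in extended deny ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0
access-list inside1_in extended permit ip any any
access-list inside2_in extended deny ip 10.2.2.0 255.255.255.0 10.1.1.0 255.255.255.0
access-list inside2_in extended permit ip any any
!
access-group inside1_in in interface inside1
access-group inside2_in in interface inside2
```

After applying, "show access-list" shows hit counts on the deny lines, which confirms that traffic between the two ports is actually reaching the firewall and being dropped.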
