Basic configuration for datacenter FW with 5510

EasyteamCisco
Level 1

Hello, we tried to configure our new 5510 to secure a datacenter configuration in a level-3 static routing+access control configuration.

Basically:

- external IP is A

- internal network is N, a public network routed through the 5510

- internal IP is B (inside N)

The routing works OK (tested), but we have a problem with the access rules.

We assigned a higher security level to the internal interface; normally it should enable outbound traffic (from N to any) with implicit rules. It does not: no traffic passes unless we add access rules that allow traffic from outside to inside (from any to N, which is the opposite of what it should be!). Of course we checked several times that we did not mix up cables, inbound and outbound configuration, ...

Don't understand!

2 Replies

bsier
Level 1

It's hard to say without seeing the config. However, if you have anything else in the access list for the internal interface, it will remove the implicit rule to allow any traffic to a less secure network.

Perhaps that is the issue?
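The behaviour described in the reply above, as an added ASA configuration sketch that is not taken from the thread or from the poster's device. The addresses are documentation ranges standing in for A, N and B, and the ACL name `INSIDE_IN` is hypothetical.

```cisco
! Constructed example: 203.0.113.2 stands in for A, 198.51.100.0/24 for N,
! 198.51.100.1 for B. INSIDE_IN is a hypothetical ACL name.
interface Ethernet0/0
 nameif outside
 security-level 0
 ip address 203.0.113.2 255.255.255.0
!
interface Ethernet0/1
 nameif inside
 security-level 100
 ip address 198.51.100.1 255.255.255.0
!
! Case 1: no access-group is bound to "inside".
! Traffic entering inside (100) and leaving outside (0) is allowed by the
! implicit higher-to-lower rule; return traffic is allowed statefully.
!
! Case 2: an ACL is bound inbound on "inside".
! The implicit permit is replaced by the ACL, which ends in an implicit deny.
! With only the line below, web traffic from N passes and everything else
! from N (DNS, ICMP, other ports) is dropped.
access-list INSIDE_IN extended permit tcp 198.51.100.0 255.255.255.0 any eq www
access-group INSIDE_IN in interface inside
!
! To keep an ACL on "inside" and still allow all outbound traffic from N,
! the ACL needs an explicit permit for N as its last entry:
access-list INSIDE_IN extended permit ip 198.51.100.0 255.255.255.0 any
!
! Checks to run from exec mode (not configuration lines):
!   show running-config access-group
!   show access-list INSIDE_IN
!   packet-tracer input inside tcp 198.51.100.10 1025 192.0.2.50 80
```

`show running-config access-group` shows whether any ACL is bound to the inside interface at all, and `packet-tracer` reports which phase (ACL, route, NAT) drops a simulated packet.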

I'll get the configuration tomorrow and post it here. The strange thing is that the implicit rules should work!
