Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
330
Views
0
Helpful
3
Replies

Routing on same security interface

jkarkhanis
Level 1
Level 1

‎11-03-2008 03:08 PM - edited ‎03-11-2019 07:07 AM

Hi,

I am using 7.0 on PIX 535A and have 4 different subnets on 4 physical interfaces 10.5.2.144/28, 10.5.2.160/28, 10.5.2.176/28 and 10.5.2.129/30. These interfaces are at same security level 100, I have enabled "same-security-traffic permit inter-interface" Still the devices in these subnets cannot communicate with other. Firewall is in routed mode.

Thanks for your help.

-JK

Labels:
0 Helpful
3 Replies 3

husycisco
Level 7
Level 7

‎11-03-2008 11:46 PM

Hello Jayesh,

Try this

no nat-control

Regards

0 Helpful

jmayes
Level 1
Level 1
In response to husycisco

‎11-04-2008 01:10 PM

Or, if you need NAT (because no nat-control turns off NAT globally), try defining either a NAT 0 or a nat 'NET STATIC' that NATs the address range from interface to interface.

There MUST be some NAT relationshoip between any two interfaces that wish to communicate.

0 Helpful

husycisco
Level 7
Level 7
In response to jmayes

‎11-04-2008 04:04 PM

no nat-control does not turn off NAT globally. Your nat statements will go on working. It only removes the "any traffic flow must match a NAT statement" must.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card