02-24-2009 03:34 AM - edited 03-11-2019 07:56 AM
Hello,
I have 4 security zones defined on my 2611XM - 12.4.15T8 router. The customer defined its security policy as a destination policy to all 4 zones, eg
from 10 hosts/networks to zone1
from 20 hosts/networks to zone2, etc,
where the hosts/networks are located on all different zones.
Unfortunately, in my zone-pair definition I cannot select multiple zones as source zone. This would reduce my zone pailr definition from 12 to 4. Does anyone know any alternative to this ?
thx Karien
02-24-2009 03:47 AM
Does your customer has 12 different policies?. As of now the number of zone-pairs cannot be less than the number of policies. Are you trying to say defining multiple zone-pairs using one zone-pair command and attaching multiple policies to that for each zone-pair?. Pardon me if i dont understand your problem.
02-24-2009 05:14 AM
I have only 4 policies, defined on destination zone level.
Problem is that I cannot select more then 1 source zone in a policy
Eg
Policy_1 defines from host_in_zone2, host_in_zone3, ... to zone 1 allow.
Policy_2 defines from host_in_zone1, host_in_zone3,... to zone 2 allow.
Any idea ?
thanks Karien
03-04-2009 02:32 AM
Hello
Solution is to create 12 zone pairs, but administration is restricted because I have only 4 policies (Policy maps)
Regards
03-05-2009 12:31 AM
Can you create 12 policies?
Alex Yeung
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide