Security levels on ASA

Unanswered Question
Dec 2nd, 2009


I'm trying to allow traffic between 2 VLAN's/sub interfaces on my ASA, the both have their security Level set at 25.  At the moment I can't even ping devices between the 2 and my access lists are wide open.  I raised one of the security groups to 35 and everything seem to work.

I'm left a little confused, if security levels are the same are the untrusted?  What ever I did on the access list side (to open it up) seemed to be ignored.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Andy White Wed, 12/02/2009 - 04:33

Thanks John,

Is this commonly enable by most, I set both these sub interfaces to the same as they sort of need resources from each, have the same security set like you mention is a good idea in my eyes.

johnbroadway Wed, 12/02/2009 - 04:45

It is a fairly new option (I think since V7 ish) for your sort of instance.

If both interfaces require resources from the other then it seems a reasonable approach to me.



This Discussion