Same Security levels on multiple interfaces

Why should one keep the same security levels on multiple interfaces on Cisco Firewalls? What could be the impact? I was under the impression that the same security level cannot be given on multiple interfaces, but I came across a configuration, and had to change my assumption. Just want to understand the best practice and the impact if we configure the interfaces in such a way that 2 interfaces have sec-level 60, 2 have sec-level 80 with remaining as inside and outside...

Correct Answer by Dileep Sivadas ... about 6 years 10 months ago

If you assign the same security level to multiple interfaces, there will be no traffic flow by default unless you configure the same-security-traffic permit inter-interface command.

This is used to completely isolate traffic from two interfaces.

Dileep

Dileep Sivadas ... Mon, 01/11/2010 - 01:58
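An added example, not part of the original thread and not Cisco tooling: a Python check that reads an ASA running-config, lists the interfaces that share a security level, and reports whether the same-security-traffic permit inter-interface command from the answer is present. The sample config, interface names and the helper name audit_same_security are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample (interface names and levels are made up to match the
# question's layout: two interfaces at 60, two at 80, plus inside/outside).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/0
 nameif outside
 security-level 0
interface GigabitEthernet0/1
 nameif inside
 security-level 100
interface GigabitEthernet0/2
 nameif dmz-a
 security-level 60
interface GigabitEthernet0/3
 nameif dmz-b
 security-level 60
interface GigabitEthernet0/4
 nameif partner-a
 security-level 80
interface GigabitEthernet0/5
 nameif partner-b
 security-level 80
interface GigabitEthernet0/6
 no nameif
 no security-level
"""
PERMIT_CMD = "same-security-traffic permit inter-interface"

def audit_same_security(config: str) -> dict:
    """Report interfaces that share a security level and whether the
    config lets them exchange traffic (hypothetical helper)."""
    levels = defaultdict(list)
    nameif = None
    lines = [raw.strip() for raw in config.splitlines()]
    for line in lines:
        if line.startswith("interface "):
            nameif = None  # new interface block: forget the previous name
        elif m := re.fullmatch(r"nameif (\S+)", line):
            nameif = m.group(1)
        elif (m := re.fullmatch(r"security-level (\d+)", line)) and nameif:
            levels[int(m.group(1))].append(nameif)  # unnamed interfaces are skipped
    shared = {lvl: names for lvl, names in levels.items() if len(names) > 1}
    return {"shared_levels": shared, "inter_interface_permitted": PERMIT_CMD in lines}

if __name__ == "__main__":
    print(audit_same_security(SAMPLE_CONFIG))
    print(audit_same_security(SAMPLE_CONFIG + PERMIT_CMD + "\n"))
```

When inter_interface_permitted is False, the interfaces grouped under shared_levels cannot pass traffic to each other, which is the isolation the answer describes.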