I have a big problem! :(
I have a Cisco already reached the "static" limit as attached image.
In this FWSM have 2 contexts.
I always need create this type of rule when I create any rule have 2 different networks
To permit the net 192.168.0.0/24 to access net 10.10.10.0/24
access-list dmz extended permit ip 192.168.0.0 255.255.255.0 10.10.10.0 255.255.255 255
static (inside,dmz) 10.10.10.0 10.10.10.0 netmask 255.255.255.0
Thus have many rules "static".
I would like know:
- To not be necessary to use the rule "static" always, I need only enable the "same-security-traffic permit intra-interface" ?
- If this information is correct and I enable this parameter, I'll have problems with the rules "static" current?