Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

asa 5505, v7.2 how can i block traffic?

hi, can i block the traffic between the same ports of the asa? for example, the asa 5505 has 8 ports, the ethernet port from 1 to 7, are for the inside vlan, and i want to know if i can filter traffic using an ACL between the ethernet port 1 and 2 for example...if it is, how can i do that?

the ethernet port 0 is for the outside interface.

thanks

2 REPLIES

Re: asa 5505, v7.2 how can i block traffic?

Just put an ACL on both interfaces to block the traffic.

But make sure you permit the rest :)

You can also assign them same security levels and don't permit same-security-traffic permit INTER interface.

Regards

Farrukh

Re: asa 5505, v7.2 how can i block traffic?

By default, the same security level interfaces

cannot communicate with one another.

To allow communication between interfaces of the

same security level use the command

"same-security-traffic permit inter-interface"

You can also use ACL, something like this

access-list one2two permit ip 10.1.1.0 255.255.255.0 10.2.2.0 255.255.255.0

access-group one2two in interface inside

187
Views
0
Helpful
2
Replies