Cisco Support Community
New Member

ASA 5520 Intra Routing/ACL/VLAN's 8.4(5)

I have two VLANs on a physical interface with the same security level as my inside interface. I have same-security-traffic permit inter-interface enabled. Do I still need ACLs to permit traffic from the VLANs to communicate with the network objects on the inside interface?

Thank you

Carlos         

1 ACCEPTED SOLUTION

Super Bronze

Re: ASA 5520 Intra Routing/ACL/VLAN's 8.4(5)

Hi,

So if you have 2 VLAN interfaces at the same "security-level" value as the "inside" interface and you have the "same-security-traffic permit inter-interface" configured, THEN you should NOT need ACLs on the 2 VLAN interfaces to permit connection forming/initiation from them to the networks behind the "inside" interface.

Though personally I always use ACLs on all interfaces even if the above is true.

- Jouni
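
Added example, not part of the thread and not Cisco tooling: a small Python check that reads an ASA configuration and lists the interfaces that can open connections to same-security-level peers with no inbound ACL, which is the situation the answer above describes. The sample configuration, interface names, VLAN IDs, addresses and the audit() function are constructed for illustration, and only per-interface inbound "access-group" lines are considered.

```python
import re

# Constructed sample ASA 8.4-style configuration (names, VLAN IDs and
# addresses are assumptions, not taken from the thread).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 nameif inside
 security-level 100
 ip address 10.0.0.1 255.255.255.0
!
interface GigabitEthernet0/2.10
 vlan 10
 nameif vlan10
 security-level 100
 ip address 10.0.10.1 255.255.255.0
!
interface GigabitEthernet0/2.20
 vlan 20
 nameif vlan20
 security-level 100
 ip address 10.0.20.1 255.255.255.0
!
same-security-traffic permit inter-interface
access-list VLAN10-IN extended permit tcp 10.0.10.0 255.255.255.0 host 10.0.0.20 eq 443
access-list VLAN10-IN extended deny ip any any log
access-group VLAN10-IN in interface vlan10
"""

def audit(config):
    """Return interfaces that rely only on the security-level rule."""
    levels, nameif = {}, None
    for line in config.splitlines():
        line = line.strip()
        if line.startswith("interface "):
            nameif = None  # a new interface stanza starts
        elif m := re.fullmatch(r"nameif (\S+)", line):
            nameif = m.group(1)
        elif (m := re.fullmatch(r"security-level (\d+)", line)) and nameif:
            levels[nameif] = int(m.group(1))
    inter = bool(re.search(r"^same-security-traffic permit inter-interface\s*$", config, re.M))
    filtered = set(re.findall(r"^access-group \S+ in interface (\S+)", config, re.M))
    # An interface with no inbound ACL reaches same-level peers only when
    # inter-interface traffic is permitted; list those interfaces.
    return [n for n in sorted(levels) if inter and n not in filtered
            and any(p != n and lv == levels[n] for p, lv in levels.items())]

if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG))
```

In the constructed sample, vlan10 carries an explicit inbound ACL, while inside and vlan20 are reported because their traffic to same-level peers is allowed by the security-level rule alone.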

2 REPLIES
New Member

ASA 5520 Intra Routing/ACL/VLAN's 8.4(5)

Thank you Jouni
