Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA and same-security-traffic permit inter-interface

I have the same security interfaces:

interface Ethernet0/0

nameif dmzlan

security-level 40

ip address 192.168.164.56 255.255.252.0

!

interface Ethernet0/3

nameif dmzinet

security-level 40

ip address 213.182.168.1 255.255.255.0

And used "no same-security-traffic permit inter-interface"

But with this setting acls with "permit" don't work between this interfaces.

Can I allow some traffic between this interfaces using ACLs?

============

Or the only way to make it is to use "same-security-traffic permit inter-interface" and use acls with deny last line of each acl chain?

1 REPLY

Re: ASA and same-security-traffic permit inter-interface

"the only way to make it is to use "same-security-traffic permit inter-interface" and use acls with deny last line of each acl chain " -that's the answer.

458
Views
0
Helpful
1
Replies