cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
610
Views
0
Helpful
1
Replies

ASA and same-security-traffic permit inter-interface

andrew278
Level 1
Level 1

I have the same security interfaces:

interface Ethernet0/0

nameif dmzlan

security-level 40

ip address 192.168.164.56 255.255.252.0

!

interface Ethernet0/3

nameif dmzinet

security-level 40

ip address 213.182.168.1 255.255.255.0

And used "no same-security-traffic permit inter-interface"

But with this setting acls with "permit" don't work between this interfaces.

Can I allow some traffic between this interfaces using ACLs?

============

Or the only way to make it is to use "same-security-traffic permit inter-interface" and use acls with deny last line of each acl chain?

1 Reply 1

"the only way to make it is to use "same-security-traffic permit inter-interface" and use acls with deny last line of each acl chain " -that's the answer.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: