Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

ASA and VLANs, same security level

Hi all,

2 ASA5520 (active/standby). I have 10 VLANs, all with same security level (100) they are all internal networks, I them to talk each other without NAT but I'm getting a strange behaviour, I have a NAT dynamic so they can get to the Internet and a NAT EXEMPT when the traffic needs to go to the other VLANs. The strange thing is that I have "SYN Timeout" to some machines on TCP traffic but I always have ICMP connectivity. Accessing from one VLAN to the other can give me access to one machine without problem and no TCP connections to another on the same VLAN.

Any advise?

Regards

2 REPLIES
New Member

Re: ASA and VLANs, same security level

you also configured same security traffic?

same-security-traffic permit inter-interface

New Member

Re: ASA and VLANs, same security level

Hi,

Yes, I have enabled inter-interface traffic and for some machines it works but not for others (only on TCP traffic) because with ICMP it always works.

Regards

276
Views
0
Helpful
2
Replies
CreatePlease to create content