
New Member

Basic configuration for datacenter FW with 5510

Hello, we tried to configure our new 5510 to secure a datacenter in a level-3 static routing + access control configuration.

Basically:

- external IP is A

- internal network is N, a public network routed through the 5510

- internal IP is B (inside N)

The routing works OK (tested), but we have a problem with the access rules.

We assigned a higher security level to the internal interface; normally it should enable outbound traffic (from N to any) with implicit rules. It does not: no traffic passes unless we add access rules that allow traffic from outside to inside (from any to N, which is the opposite of what it should be!). Of course, we checked several times that we did not mix up cables, inbound and outbound configuration, ...

Don't understand!

2 REPLIES
New Member

Re: Basic configuration for datacenter FW with 5510

It's hard to say without seeing the config. However, if you have anything else in the access list for the internal interface, it will remove the implicit rule to allow any traffic to a less secure network.

Perhaps that is the issue?
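
The behaviour described in the reply above, as an added ASA configuration sketch that is not part of the original thread. The interface numbers, the ACL name INSIDE_IN and all addresses (documentation ranges) are constructed for illustration and are not the poster's configuration.

```cisco
! --- Constructed example: addresses are RFC 5737 documentation ranges ---
interface Ethernet0/0
 nameif outside
 security-level 0
 ip address 192.0.2.1 255.255.255.252
!
interface Ethernet0/1
 nameif inside
 security-level 100
 ip address 198.51.100.1 255.255.255.0
!
! Case 1: no access-group bound to "inside".
! Traffic from inside (100) to outside (0) is allowed by the implicit
! higher-to-lower security-level rule; return traffic is allowed by
! stateful inspection, so no outside-to-inside rule is needed for it.
!
! Case 2: any ACL bound inbound on "inside" replaces that implicit permit.
! Only what the ACL permits is allowed; the rest hits the implicit deny
! at the end of the ACL.
access-list INSIDE_IN extended permit tcp 198.51.100.0 255.255.255.0 any eq 443
access-group INSIDE_IN in interface inside
! Result: HTTPS from 198.51.100.0/24 passes, all other outbound is dropped.
!
! --- Checks to run from privileged EXEC ---
! Which ACLs are bound to which interface and direction:
show running-config access-group
! Hit counters per ACL entry (a rising count shows which line matches):
show access-list INSIDE_IN
! Simulate one outbound flow; the output lists each processing phase
! and names the phase and rule that drops the packet, if any:
packet-tracer input inside tcp 198.51.100.10 12345 203.0.113.5 80
```

If `show running-config access-group` returns a line for the inside interface, the implicit outbound permit no longer applies and the bound ACL alone decides what leaves that interface.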

New Member

Re: Basic configuration for datacenter FW with 5510

I'll get the configuration tomorrow and post it here. The strange thing is that the implicit rules should work!
