Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

FWSM blockes same-security-traffic

Hi,

Firewall blockes traffic between two level-0 - Interfaces.

"same-security-traffic permit inter-interface" is configured. The Access-list is correct an the log containes without matches:

"Mar 30 13:52:51 pix Mar 30 2007 13:55:13 z084nlf-h008001 : %FWSM-4-106023: Deny udp src OUTSIDE2:10.27.136.253/123 dst OUTSIDE1:10.27.242.45/123 by

access-group "" [0x0, 0x0]"

I do not know wy.

Release: 3.1(3), WS-SVC-FWM-1

Regards.

Volker

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Re: FWSM blockes same-security-traffic

You need to specify an ACL on OUTSIDE2 interface to permit that traffic. Currently, no ACL is defined, and therefore, by default all traffic is denied.

Sincerely,

David.

3 REPLIES
Silver

Re: FWSM blockes same-security-traffic

You need to specify an ACL on OUTSIDE2 interface to permit that traffic. Currently, no ACL is defined, and therefore, by default all traffic is denied.

Sincerely,

David.

New Member

Re: FWSM blockes same-security-traffic

Sorry!!!!!!!!!!!!!!

What an stupid failure:

There was no access-group - command configured.

Many Thanks.

Volker

New Member

Re: FWSM blockes same-security-traffic

Hi David,

the access-list is already configured on interface OUTSIDE2.

Greatings.

Volker

116
Views
0
Helpful
3
Replies