FWSM - Statics between same security interfaces necessary?
I will have to implement a change which involves switching a single mode FWSM to multi mode.
Currently i have everything configured based on NAT0/NAT exemption which is going to be converted into static statements when doing the mode multi switch.
The only thing i am currently not sure about is if i need a static for same security level interfaces. Yes i know you only do statics from high to low interfaces but i just wanted to make sure that i don't have to prepare 4 pages of static rules before initiating the change.
Same security interfaces - static necessary? Please say NO. :)
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...