Im building a Cisco 5520 with a two physical interfaces and 6 or so sub-interfaces. We have G0/0 (broken down into the sub-interfaces) and G0/1 (not sub-interfaced). I have the ACL's in place and I can ping through the devices from one sub-interface to the physical (outside) interface, but only when the physical is set to security level 90 - when it is at 100 (as the source interface is), it doesnt get through.
This is my config:
access-list Outside-OUT extended permit icmp any any log
access-list NMS-IN extended permit ip any any log
access-list Outside-IN extended permit ip any any log
access-list NMS-OUT extended permit ip any any log
access-group NMS-IN in interface NMS
access-group NMS-OUT out interface NMS
access-group Outside-IN in interface Outside
access-group Outside-OUT out interface Outside
ip address 10.11.120.226 255.255.255.240
ip address 10.11.121.1 255.255.255.240
Works like this - as soon as I set G0/1 to security level 100, it doesnt work.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...