Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

Routing on same security interface

Hi,

I am using 7.0 on PIX 535A and have 4 different subnets on 4 physical interfaces 10.5.2.144/28, 10.5.2.160/28, 10.5.2.176/28 and 10.5.2.129/30. These interfaces are at same security level 100, I have enabled "same-security-traffic permit inter-interface" Still the devices in these subnets cannot communicate with other. Firewall is in routed mode.

Thanks for your help.

-JK

3 REPLIES

Re: Routing on same security interface

Hello Jayesh,

Try this

no nat-control

Regards

New Member

Re: Routing on same security interface

Or, if you need NAT (because no nat-control turns off NAT globally), try defining either a NAT 0 or a nat 'NET STATIC' that NATs the address range from interface to interface.

There MUST be some NAT relationshoip between any two interfaces that wish to communicate.

Re: Routing on same security interface

no nat-control does not turn off NAT globally. Your nat statements will go on working. It only removes the "any traffic flow must match a NAT statement" must.

117
Views
0
Helpful
3
Replies
CreatePlease to create content