Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Security levels on ASA

Hello,

I'm trying to allow traffic between 2 VLAN's/sub interfaces on my ASA, the both have their security Level set at 25.  At the moment I can't even ping devices between the 2 and my access lists are wide open.  I raised one of the security groups to 35 and everything seem to work.

I'm left a little confused, if security levels are the same are the untrusted?  What ever I did on the access list side (to open it up) seemed to be ignored.

3 REPLIES
New Member

Re: Security levels on ASA

hi,

have you tried enabling the same level intra-interface communications. Here's a link all about it:

http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a0080734db7.shtml

hostname(config)# same-security-traffic permit inter-interface

regards

John

New Member

Re: Security levels on ASA

Thanks John,

Is this commonly enable by most, I set both these sub interfaces to the same as they sort of need resources from each, have the same security set like you mention is a good idea in my eyes.

New Member

Re: Security levels on ASA

It is a fairly new option (I think since V7 ish) for your sort of instance.

If both interfaces require resources from the other then it seems a reasonable approach to me.

John

352
Views
0
Helpful
3
Replies
CreatePlease to create content