Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
361
Views
0
Helpful
1
Replies

Security zones

Go to solution
kunal-united
Level 1
Level 1

‎11-26-2011 03:26 PM - edited ‎03-11-2019 02:55 PM

Hi,

ASA

Outside zone: Internet (213.132.x.x)

DMZ: 192.168.168.1/24

Inside: 10.0.0.1/24

Router: 10.0.0.254/24

Now I have a route 172.16.1.0/24 on the ASA saying the next-hop for 172.16.1.0/24 is the router ip 10.0.0.254?

Will 172.16.1.0/24 be counted as a high security zone ?

So what my understanding is that a route (172.16.1.0/24) or connected subnet (10.0.0.1/24) ...they are counted as high security zones?

Am I correct? or is it just 10.0.0.0/8 is the high security zone and not 172.16.1.0/24.

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni

‎11-26-2011 10:14 PM

Hello Kunal,

The ASA will now in order to get to that subnet will need to go into the inside interface wich is the high security zone, so by default is going to be count as a high security network.

Please rate helpful posts.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni

‎11-26-2011 10:14 PM

Hello Kunal,

The ASA will now in order to get to that subnet will need to go into the inside interface wich is the high security zone, so by default is going to be count as a high security network.

Please rate helpful posts.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card