Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Are there any security issue when you flip interface inside and outside?

I mean some time we have some need to turn inside interface of PIX firewall to remote site and turn outside interface into inside of HO. If we strictly aware the traffic with ACL, what's else we should concern or any reason to prohibit turning around the PIX interfaces.

Regards,

Jessada

  • Other Security Subjects
1 REPLY
Silver

Re: Are there any security issue when you flip interface inside

If you have a good understanding about PIX and especially ASA's behaviour, then there is no security issue about flipping inside and outside interfaces. (imho, if you don't fully understand PIX there's always a security issue :-)))

Flipping interfaces can make some configurations extremely difficult to troubleshoot in case of running against problems. Since bi-directional translation can be done from 6.2 and higher I can hardly think of a reason to flip the inside and outside interface. But maybe anyone can think of a case where inside and outside have to be flipped (I don't think such case exists)

Kind Regards,

Leo

100
Views
0
Helpful
1
Replies