One way to have no communication between two interfaces is to give them the same security level. Traffic can go from a securityA interface to a security(A-1) interface without doing anything.
Communication is only possible from a lower to a higher or from a higher to a lower security level.
Maybe I'm wrong, so if you can argue, this could help me.
Do you have any link saying that two interfaces can NOT have the same security level? Maybe I'm wrong in thinking that it is possible.
PIX release 6.3.3 on a PIX515E with 6 interfaces does accept the commands.
Anyway, two interfaces having the same configuration should act the same way on any identical packets received. This is true for a router!
Anyway, we could have two provider links on the same PIX. In fact I do not know yet why the customer uses 2 interfaces as "outside world", but the sniffer traces show me that those two interfaces do not respond the same way when receiving a telnet initiation packet, for example TCP port 25 or 23.
The less than basic configuration is the same. I just move the IP address and the "outside" cable from one interface to the other one.
No command with an explicit interface name, except an SSH permit command (to reach the PIX from an outside link).
So only port 22 is opened on those two interfaces.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log in using the username and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside interfaces with official IPv6 addresses, set a default route on the outside interface to our router, and we have also defined a rule, which also gets hits, to permit TCP from the inside interface to any6.
In Syslog I also se...