Cisco Support Community
New Member

Problem to allow traffic from lower security to high security on pix515

Can you please help? I have been setting up a PIX515 for our company, and I just couldn't work out why traffic from the lower security interface to the higher security interface doesn't happen. I have 6 interfaces in my PIX515.

I am trying to allow any traffic from tmd4 network to inside network.

-inside -203.1.108.x network (security 100)

-tmd4-10.1.1.x network (security 20)

-Inside is NATed via tmd4 interface

-inside network doesn't have any issue to talk to lower interface

-------------------------------------------------------------------------------

nat (inside) 0 access-list inside_outbound_nat0_acl

nat (inside) 1 0.0.0.0 0.0.0.0 0 0

|

global (outside) 1 interface

global (tmd4) 1 interface

|

static (inside,tmd4) 10.1.1.9 203.1.108.22 netmask 255.255.255.255

access-list acl_tmd4 permit tcp any host 10.1.1.9

access-group acl_tmd4 in interface tmd4

---------------------------------------------------------------------------------------------

In order to pass traffic from a low to a high interface, the static/access-list/access-group commands are used as per the documents. Is there anything that I missed?

I really appreciate your reply.

Regards,

DJ

1 REPLY
Cisco Employee

Re: Problem to allow traffic from lower security to high secutit

Already answered in Security - Firewalling forum.
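
A check of the three commands the question names (static, access-list, access-group), as an added example that is not part of the original thread: it parses a PIX-style config and reports, for each static, which ACL is bound inbound on the mapped interface and which protocols that ACL permits to the mapped address. The function names, the simplified parser (permit lines only, no deny or ordering logic, no port operator on the source) and the sample config assembled from the lines quoted in the question are assumptions of this example.

```python
import ipaddress

# Constructed sample: the PIX commands quoted in the question above.
SAMPLE_CONFIG = """\
nat (inside) 1 0.0.0.0 0.0.0.0 0 0
global (tmd4) 1 interface
static (inside,tmd4) 10.1.1.9 203.1.108.22 netmask 255.255.255.255
access-list acl_tmd4 permit tcp any host 10.1.1.9
access-group acl_tmd4 in interface tmd4
"""

def _addr(tokens, i):
    """Consume one address spec (any | host X | net mask); return (spec, next index)."""
    if tokens[i] == "any":
        return "any", i + 1
    if tokens[i] == "host":
        return tokens[i + 1], i + 2
    return tokens[i] + "/" + tokens[i + 1], i + 2

def _covers(dst, ip):
    """True if the ACL destination spec includes the given address."""
    if dst == "any":
        return True
    if "/" in dst:
        return ipaddress.ip_address(ip) in ipaddress.ip_network(dst, strict=False)
    return dst == ip

def audit(config):
    """For each static, report the inbound ACL on the mapped interface and what it permits."""
    statics, aces, groups = [], {}, {}
    for line in config.splitlines():
        t = line.split()
        if len(t) >= 4 and t[0] == "static":
            real_if, mapped_if = t[1].strip("()").split(",")
            statics.append((mapped_if, t[2], t[3]))        # mapped IP precedes real IP
        elif len(t) > 4 and t[0] == "access-list" and t[2] == "permit":
            _, i = _addr(t, 4)                             # skip the source spec
            dst, _ = _addr(t, i)
            aces.setdefault(t[1], []).append((t[3], dst))
        elif len(t) >= 5 and t[0] == "access-group" and t[2:4] == ["in", "interface"]:
            groups[t[4]] = t[1]
    findings = []
    for mapped_if, mapped_ip, real_ip in statics:
        acl = groups.get(mapped_if)                        # None: nothing bound inbound
        protos = sorted({p for p, d in aces.get(acl, []) if _covers(d, mapped_ip)})
        findings.append({"static": f"{real_ip} -> {mapped_ip} on {mapped_if}",
                         "acl_bound": acl, "permitted_protocols": protos,
                         "all_ip_permitted": "ip" in protos})
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```

The ACL must reference the mapped address (10.1.1.9), not the real one, because it is evaluated on the tmd4 interface before translation is undone.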
