10-16-2006 07:48 AM - edited 03-09-2019 04:32 PM
Is it true that both the csc-ssm and aip-ssm modules can't co-exist in the ASA5500 device at the same time??
One more question is there are sample config/example on the cisco site using the intra-interface keyword command involving NON IPSEC TRAFFIC
Solved! Go to Solution.
10-18-2006 03:18 PM
It is true that both the csc-ssm and aip-ssm modules can't co-exist in the ASA5500 device at the same time.
There isn't a sample configuration availavle onsite yet. However, apart from the same-security command, you would need the regular translation rule to pass the traffic. Also, due to the stateful nature, it only allows unidirectional traffic. Eg:
nat (inside) 10 192.168.1.0 255.255.255.0
global (inside) 10 interface
global (ouotside) 10 interface(not required though)
Sincerely,
~AJ
10-18-2006 03:18 PM
It is true that both the csc-ssm and aip-ssm modules can't co-exist in the ASA5500 device at the same time.
There isn't a sample configuration availavle onsite yet. However, apart from the same-security command, you would need the regular translation rule to pass the traffic. Also, due to the stateful nature, it only allows unidirectional traffic. Eg:
nat (inside) 10 192.168.1.0 255.255.255.0
global (inside) 10 interface
global (ouotside) 10 interface(not required though)
Sincerely,
~AJ
10-19-2006 08:46 AM
AJ
Thanks alot
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide