06-16-2006 05:54 PM - edited 02-21-2020 12:58 AM
Dear all,
I have a pix with 5 ethernet interface and the version is 7.0.
When I use no security level on the interface, the security level change to 0. Can I configure all the interface with security level 0?
If I configure all interface to security level 0. I cannot telnet to the PIX via any interface. Is there any solution?
Thanks.
C.K.
06-17-2006 08:39 PM
Telnet is not allowed on interfaces with security level 0. You can configure ssh on those interfaces instead. Older versions of PIX didn't allow for two interfaces to be set to the same level - if I recall that's a new feature in PIX7 - it's there in case you have two internal segments that need to talk to each other. 0 is normally used on the outside interface. It doesn't make sense to set all int's to 0, if you ask me. Can you explain what you're trying to accomplish?
06-17-2006 10:52 PM
Telnet is not allowed to the lowest security interface UNLESS you are connecting over an Ipsec Tunnel. Otherwise you need to configure ssh.
crypto key generate rsa modulus 1024
write mem
ssh
where subnet is the subnet(s) located behind the inside interface. You can put as many ssh instructions as you need pointing to the respective interface ..
You can get communication between interfaces of the same security level by entering the below command.
same-security-traffic permit inter-interface
I hope it helps .. please rate it if it does !!!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: