02-09-2010 08:30 PM
Hi,
I would like to configure the ASA for vpn only. By default ASA allows traffic from high security interface to low security interface. I want to stop this. Is there a way of doing this without resorting to access lists.
thanks
John
Solved! Go to Solution.
02-10-2010 06:42 AM
Set the interfaces to the same security level and make sure you do not have same-security-traffic permit inter-interface enabled.
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807fc191.shtml
Hope that helps.
02-10-2010 06:42 AM
Set the interfaces to the same security level and make sure you do not have same-security-traffic permit inter-interface enabled.
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807fc191.shtml
Hope that helps.
02-11-2010 06:55 AM
Hi,
Thanks, That helps. I see the implicit rules all all deny when that is done.
Thanks
John
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide