topic ASA and enable traffic between two interfaces with same security level in Network Security https://community.cisco.com/t5/network-security/asa-and-enable-traffic-between-two-interfaces-with-same-security/m-p/3324942#M1064239 <P>I have multiple DMZ servers in seperate interfaces on my ASA with the same security level defined. I notice that if I do not check the box "enable traffic between two interfaces with same security level", then I cannot communicate between two servers in the seperate interfaces even if I have an ACL rule allowing them to communicate. Do you still have to have an ACL defined in order for these to communicate even if you have the box checked above? I hope this is the case since I want all of the DMZ networks at the same security level but only want them to be able to communicate if I have an ACL defined.</P> Fri, 21 Feb 2020 15:17:24 GMT Phil Bradley 2020-02-21T15:17:24Z ASA and enable traffic between two interfaces with same security level https://community.cisco.com/t5/network-security/asa-and-enable-traffic-between-two-interfaces-with-same-security/m-p/3324942#M1064239 <P>I have multiple DMZ servers in seperate interfaces on my ASA with the same security level defined. I notice that if I do not check the box "enable traffic between two interfaces with same security level", then I cannot communicate between two servers in the seperate interfaces even if I have an ACL rule allowing them to communicate. Do you still have to have an ACL defined in order for these to communicate even if you have the box checked above? I hope this is the case since I want all of the DMZ networks at the same security level but only want them to be able to communicate if I have an ACL defined.</P> Fri, 21 Feb 2020 15:17:24 GMT https://community.cisco.com/t5/network-security/asa-and-enable-traffic-between-two-interfaces-with-same-security/m-p/3324942#M1064239 Phil Bradley 2020-02-21T15:17:24Z Re: ASA and enable traffic between two interfaces with same security level https://community.cisco.com/t5/network-security/asa-and-enable-traffic-between-two-interfaces-with-same-security/m-p/3324964#M1064240 <P>Thats exactly the way to go. You need the checkbox to let them communicate, but you also need an ACL to control what these systems are allowed to do.</P> Sun, 04 Feb 2018 21:58:00 GMT https://community.cisco.com/t5/network-security/asa-and-enable-traffic-between-two-interfaces-with-same-security/m-p/3324964#M1064240 Karsten Iwen 2018-02-04T21:58:00Z