https://community.cisco.com/t5/network-security/basic-rule-question-on-asa/m-p/2930404#M156796 <P>You only need the first rule. &nbsp;The return traffic will be allowed automatically.</P> <P></P> <P>You will need the config "same-security-traffic permit&nbsp;inter-interface".</P> Tue, 02 Aug 2016 20:40:03 GMT Philip D'Ath 2016-08-02T20:40:03Z https://community.cisco.com/t5/network-security/basic-rule-question-on-asa/m-p/2930403#M156787 <P>Very basic question on firewall rules on the ASA.</P> <P>I have 2 interfaces. Lets call them LAN 1 &amp; LAN 2. Both have the same security level.</P> <P>HOST A on LAN 1 should communicate with HOST B on LAN 2 on http only</P> <P>So the rule for LAN 1 interface is:</P> <P>Source: HOST A<BR />Destination: HOST B (LAN 2)<BR />Port: 80/tcp</P> <P>Do I then need to put a rule in LAN 2 interface like so:</P> <P>Source: HOST A (LAN 1)<BR />Destination: HOST B<BR />Port: 80/tcp</P> Tue, 12 Mar 2019 08:05:04 GMT https://community.cisco.com/t5/network-security/basic-rule-question-on-asa/m-p/2930403#M156787 louis0001 2019-03-12T08:05:04Z https://community.cisco.com/t5/network-security/basic-rule-question-on-asa/m-p/2930404#M156796 <P>You only need the first rule. &nbsp;The return traffic will be allowed automatically.</P> <P></P> <P>You will need the config "same-security-traffic permit&nbsp;inter-interface".</P> Tue, 02 Aug 2016 20:40:03 GMT https://community.cisco.com/t5/network-security/basic-rule-question-on-asa/m-p/2930404#M156796 Philip D'Ath 2016-08-02T20:40:03Z https://community.cisco.com/t5/network-security/basic-rule-question-on-asa/m-p/2930405#M156811 <P>Lets assume the LAN 2 interface (sec level 100) has a higher security level then LAN 1 (sec level 90)</P> <P>I know a higher level can access a lower security level but if I want the traffic to be restricted so HOST B can only respond to HOST A, would I need the 2nd rule?</P> Tue, 02 Aug 2016 20:57:58 GMT https://community.cisco.com/t5/network-security/basic-rule-question-on-asa/m-p/2930405#M156811 louis0001 2016-08-02T20:57:58Z