08-07-2013 12:21 PM - edited 03-11-2019 07:23 PM
I have two VLANs on a physical interface with the same security level as my inside interface. I have same-security-traffic permit inter-interface enabled. Do I still need ACLs to permit traffic from the VLANs to communicate with the network objects on the inside interface?
Thank you
Carlos
08-07-2013 12:25 PM
Hi,
So if you have 2 VLAN interfaces at the same "security-level" value as the "inside" interface and you have the "same-security-traffic permit inter-interface" configured THEN you should NOT need ACLs on the 2 VLAN interfaces to permit connection forming/initiation from them to the networks behind "inside" interface.
Though personally I always use ACLs on all interfaces even if the above is true.
- Jouni
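The setup discussed in this answer, as an added ASA configuration sketch that is not part of the original posts. Interface names, VLAN IDs, addresses, the object name and the ACL name are constructed placeholders, and the object syntax assumes ASA 8.3 or later.

```cisco
! Constructed example: all names, VLAN IDs and addresses are placeholders.
interface GigabitEthernet0/1
 nameif inside
 security-level 100
 ip address 10.0.0.1 255.255.255.0
!
interface GigabitEthernet0/2.10
 vlan 10
 nameif vlan10
 security-level 100
 ip address 192.168.10.1 255.255.255.0
!
interface GigabitEthernet0/2.20
 vlan 20
 nameif vlan20
 security-level 100
 ip address 192.168.20.1 255.255.255.0
!
! Required for any traffic between interfaces that share a security level.
! With only this command and no ACLs, vlan10 and vlan20 can open
! connections to everything behind "inside" (and to each other).
same-security-traffic permit inter-interface
!
! Optional explicit policy: once an ACL is bound inbound on an interface,
! only what it permits is allowed in from that interface; the rest is
! dropped by the implicit deny (written out here so that drops are logged).
object network INSIDE-WEB
 host 10.0.0.10
!
access-list VLAN10-IN extended permit tcp 192.168.10.0 255.255.255.0 object INSIDE-WEB eq https
access-list VLAN10-IN extended deny ip any any log
access-group VLAN10-IN in interface vlan10
!
! Checks to run from the ASA CLI after applying:
!   show running-config same-security-traffic
!   show running-config access-group
!   packet-tracer input vlan10 tcp 192.168.10.50 12345 10.0.0.10 443
!   packet-tracer input vlan10 tcp 192.168.10.50 12345 10.0.0.10 22
```

With the ACL bound, the first packet-tracer run should end in an allow and the second in a drop by the access list; in this sketch vlan20 has no ACL, so it still reaches everything behind inside.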
08-07-2013 12:30 PM
Thank you Jouni