ASA 5505 between two network segments

Hi,

  I am using a Cisco ASA 5505 between my two networks.

1) I want 192.168.1.0/24 LAN users to be able to access the 172.16.1.0/24 network, but 172.16.1.0/24 can't access the 192.168.1.0/24 network.

2) What will the interface nameif or security level be?

3) What access list should be configured?

4) What IP route should be used?

Please find the topology below.


The basic of a firewall is that Higher Security to Lower Security level is always allowed and no ACL is required, but when trying to access from Lower to Higher, an ACL is a must.

Both interfaces, if on the same box, will come up as connected.

You can have two interfaces - on the interface configured with 192.x.x.x, set the SL a little higher and you should be good.

Thanks

Ajay


Hi Ajay,

SL means security level, right?

You mean I need to use an ACL to deny 172.X.X.X from accessing the 192.X.X.X network, right?

Regards

Suhas

By default there's an implicit allow any rule for high SL to low SL. So at the bare minimum:

Make ASA interface (whatever gateway address you're using) on the 172.16.1.0/24 network SL 50

Make ASA interface (whatever gateway address you're using) on the 192.168.1.0/24 network SL 75
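
The setup described in the replies above, written out as an ASA 5505 configuration. This is an added example, not a configuration posted by anyone in the thread; the interface names, VLAN numbers, switch port assignments, ACL name and the .1 gateway addresses are assumptions.

```cisco
! Added example. Names, VLAN ids, ports and .1 addresses are assumed.
! Higher security level on the 192.168.1.0/24 side, lower on 172.16.1.0/24.
interface Vlan10
 nameif lan
 security-level 75
 ip address 192.168.1.1 255.255.255.0
!
interface Vlan20
 nameif seg172
 security-level 50
 ip address 172.16.1.1 255.255.255.0
!
! The 5505 has a built-in switch: bind physical ports to the VLANs.
interface Ethernet0/0
 switchport access vlan 10
 no shutdown
!
interface Ethernet0/1
 switchport access vlan 20
 no shutdown
!
! Both subnets are directly connected to the ASA, so no "route" statement
! is needed on the firewall. Hosts on each segment use the ASA address on
! their own segment as the gateway (or as the next hop for the other subnet).
!
! Traffic initiated from seg172 (50) towards lan (75) is already dropped
! by default. This optional ACL makes the deny explicit and logs each hit;
! replies to connections opened from lan still pass, because the ASA is
! stateful.
access-list SEG172_IN extended deny ip 172.16.1.0 255.255.255.0 192.168.1.0 255.255.255.0 log
access-group SEG172_IN in interface seg172
!
! ICMP is not inspected by default, so echo replies from 172.16.1.0/24
! to a ping started on 192.168.1.0/24 are dropped unless ICMP inspection
! is enabled in the default global policy.
policy-map global_policy
 class inspection_default
  inspect icmp
```

After applying it, `show access-list SEG172_IN` shows the hit count for blocked attempts from the 172.16.1.0/24 side.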
