I am using Cisco ASA 5505 between my two network.
1) I want 192.168.1.0/24 LAN user can go to access 172.16.1.0/24 network but 172.16.1.0/24 cant access 192.168.1.0/24 network
2) what interface nameif will be or security Laval
3)what access list should be configure
4)what IP route should be used
please find the topology below.
The basic of firewall is Higher Security to Lower Securioty leval is always allowed no ACL is required but when trying to access from Lower to higher ACL is must.
Both interface if on same box will come as connected.
You can have two interfaces -interface configured with 192..x.x.x set SL little higher you should be good.
SL min security level right..
you min i need to use ACL to deny 172.X.X.X to access 192.X.X.X network right...
By default there's an implicit allow any rule for high SL to low SL. So at the bare minumum
Make ASA interface (whatever gateway address you're using) on the 172.16.1.0/24 network SL 50
Make ASA interface (whatever gateway address you're using) on the 192.168.1.0/24 network SL 75
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: