03-13-2008 10:13 AM - edited 03-11-2019 05:17 AM
When I configure subinterfaces on an ASA, how does the security level of the physical interface interact with the security levels of the subinterfaces? Can I make the subinterfaces security levels different from the security level of the physical interface and how is this handled?
TIA
03-13-2008 10:53 AM
Hi,
Every subinterface may have an own security level; sure you may have different security level for every interface.
I hope this helps.
Best regards.
Massimiliano.
03-13-2008 11:45 AM
Thank you for your reply, Massimiliano. Does the security level of the physical interface affect the subinterfaces in any way?
Thanks
03-13-2008 02:36 PM
No, it does not, when you set the security levels for sub interfaces, it does not have any interaction with the security level set on the physical interfaces. Routing is not possible between these interfaces unless you want this to happen then you use a certain command in the ios, if you need this command let me know and i will point you in right direction.
03-13-2008 02:38 PM
No,the security level of physical interface shouldn't affect the security level of sub-interfaces.
interface Ethernet0
nameif outside
security-level 0
no ip address
pixfirewall(config-if)# show run int e0.1
!
interface Ethernet0.1
vlan 2
nameif vlan2
security-level 25
no ip address
pixfirewall(config-if)# show nameif
Interface Name Security
Ethernet0 outside 0
Ethernet0.1 vlan2 25
HTH
Sundar
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide