09-19-2018 05:26 AM - edited 02-21-2020 08:15 AM
How to change security level in ASA 5508-X with Firepower Services 6.2.2 using Firepower Device Manager?
I am assigning interfaces to the inside, outside and dmz zones accordingly, but after that, when checking show running-config, it is showing the default security level of zero (0) for all interfaces.
How to solve this issue?
09-19-2018 06:14 AM
By default, the security level for an interface is 0, with the one exception being the inside interface which will default to 100. However, you can change any of these by using the security-level X command on the interface. For example, if you want the DMZ to be 50 you can do the following.
int gix/y
 nameif dmz
 security-level 50
HTH,
Lance Cantrell
09-19-2018 11:50 PM
09-20-2018 06:40 AM
Ahh, you're running FTD software and not ASA code with an SFR module. With the FTD software, you don't define security-levels, as there is just a single global access-list called an access-control policy that is used to control traffic. Inside that policy you select which interface, network or zone you want for the source and for the destination to match traffic on. Also to note is that the CLI is very limited with FTD, as it's designed to be managed by an FMC.
HTH,
Lance Cantrell