Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
512
Views
0
Helpful
1
Replies

Communicating between two internal interfaces

RBenke
Level 1
Level 1

‎08-21-2018 11:29 AM - edited ‎02-21-2020 08:08 AM

I inherited this firewall configuration, so don't ask why it's the way it is.

 

Here's the scenario:

Inside_1, security level 100

Inside_2, security level 10

Outside, security level 0

 

I need to allow clients on Inside_2 to connect to a web server on Inside_1.

 

I know there's more than one piece to this. Right now, I'm just trying to answer this question:

Can this be made to work with the existing security levels, or must I make both Inside interfaces the same security level? Is there any downside to doing so?

 

 

0 Helpful
1 Reply 1

Rob Ingram
VIP
VIP

‎08-21-2018 11:52 AM

Hi,
You need to create an ACL to permit traffic from a lower security level to a higher security level. So if you create an inbound ACL on Inside_1 and permit the traffic you need. Ensure that NAT is going to interfere by not natting between the 2 networks behind the interfaces.

HTH
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card