06-29-2021 03:21 AM
i have an issue but im not sure if its an issue or not ? which is all interfaces security level are 0 and according to my below configuration i have inside and outside and both zero sec level as below :
interface GigabitEthernet1/1
nameif outside
cts manual
propagate sgt preserve-untag
policy static sgt disabled trusted
security-level 0
ip address 1x.xx.1x.xx 255.2xx.0.x
!
interface GigabitEthernet1/2
nameif inside
cts manual
propagate sgt preserve-untag
policy static sgt disabled trusted
security-level 0
ip address 1x.xx.14.xx 255.2xx.0.0
!
interface Management1/1
management-only
nameif diagnostic
cts manual
propagate sgt preserve-untag
policy static sgt disabled trusted
security-level 0
no ip address
my question is that must to make inside int to be 100 and hwo to do this?
if i leave it as it is so it will effecting my internet connectivity ,NAT, VPN TUNNELING and so on ? because what i know that inside sec lvl should be bigger that outside sec lvl ?
Solved! Go to Solution.
06-29-2021 03:28 AM - edited 06-29-2021 04:53 AM
Hi @amralrazzaz
I assume you are running FTD software image on the hardware? If so then all interfaces have a security level of 0, unlike ASA which relied on security levels. On FTD you define Zones and interface names. You can use Flexconfig to configure security-level, though you don't need to any longer.
06-29-2021 03:28 AM - edited 06-29-2021 04:53 AM
Hi @amralrazzaz
I assume you are running FTD software image on the hardware? If so then all interfaces have a security level of 0, unlike ASA which relied on security levels. On FTD you define Zones and interface names. You can use Flexconfig to configure security-level, though you don't need to any longer.
07-01-2021 03:33 AM
thanks rob for your answer , so just to confirm from you that no need to do any changes and i keep it like this and it will not effecting my connection,setup,configurtions and so on ??
am i correct ?
07-01-2021 03:36 AM - edited 07-01-2021 04:05 AM
Hi @amralrazzaz
No you don't need to do anything, it will work fine without security levels.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: