06-29-2021 03:21 AM
i have an issue but im not sure if its an issue or not ? which is all interfaces security level are 0 and according to my below configuration i have inside and outside and both zero sec level as below :
interface GigabitEthernet1/1
nameif outside
cts manual
propagate sgt preserve-untag
policy static sgt disabled trusted
security-level 0
ip address 1x.xx.1x.xx 255.2xx.0.x
!
interface GigabitEthernet1/2
nameif inside
cts manual
propagate sgt preserve-untag
policy static sgt disabled trusted
security-level 0
ip address 1x.xx.14.xx 255.2xx.0.0
!
interface Management1/1
management-only
nameif diagnostic
cts manual
propagate sgt preserve-untag
policy static sgt disabled trusted
security-level 0
no ip address
my question is that must to make inside int to be 100 and hwo to do this?
if i leave it as it is so it will effecting my internet connectivity ,NAT, VPN TUNNELING and so on ? because what i know that inside sec lvl should be bigger that outside sec lvl ?
Solved! Go to Solution.
06-29-2021 03:28 AM - edited 06-29-2021 04:53 AM
Hi @amralrazzaz
I assume you are running FTD software image on the hardware? If so then all interfaces have a security level of 0, unlike ASA which relied on security levels. On FTD you define Zones and interface names. You can use Flexconfig to configure security-level, though you don't need to any longer.
06-29-2021 03:28 AM - edited 06-29-2021 04:53 AM
Hi @amralrazzaz
I assume you are running FTD software image on the hardware? If so then all interfaces have a security level of 0, unlike ASA which relied on security levels. On FTD you define Zones and interface names. You can use Flexconfig to configure security-level, though you don't need to any longer.
07-01-2021 03:33 AM
thanks rob for your answer , so just to confirm from you that no need to do any changes and i keep it like this and it will not effecting my connection,setup,configurtions and so on ??
am i correct ?
07-01-2021 03:36 AM - edited 07-01-2021 04:05 AM
Hi @amralrazzaz
No you don't need to do anything, it will work fine without security levels.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide