01-11-2010 01:25 AM - edited 03-11-2019 09:55 AM
Why should one keep the same security levels on multiple interfaces on Cisco Firewalls? What could be the impact? I was under the impression that the same security level cannot be given on multiple interfaces, but I came across a configuration, and had to change my assumption. Just want to understand the best practice and the impact if we configure the interfaces in such a way that 2 interfaces have sec-level 60, 2 have sec-level 80 with the remaining as inside and outside...
Accepted Solutions
01-11-2010 01:58 AM
If you assign the same security level to multiple interfaces, there will be no traffic flow by default unless you configure the same-security-traffic permit inter-interface command.
This is used to completely isolate traffic from two interfaces.
Dileep
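
An added example, not part of the original post: a small audit script that reads an ASA running-config, finds interfaces that share a security level, and reports whether the global command named in the answer is present, which decides whether those interfaces stay isolated from each other. The sample config and its nameif values are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample (hypothetical names) matching the layout in the question:
# two interfaces at level 60, two at level 80, plus inside and outside.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/0
 nameif outside
 security-level 0
interface GigabitEthernet0/1
 nameif inside
 security-level 100
interface GigabitEthernet0/2
 nameif dmz1
 security-level 60
interface GigabitEthernet0/3
 nameif dmz2
 security-level 60
interface GigabitEthernet0/4
 nameif partner1
 security-level 80
interface GigabitEthernet0/5
 nameif partner2
 security-level 80
"""

PERMIT_CMD = "same-security-traffic permit inter-interface"

def audit_same_security(config: str) -> dict:
    """Return interfaces grouped by shared security level and whether
    traffic between same-level interfaces has been enabled globally."""
    levels = defaultdict(list)
    nameif = None
    permitted = False
    for raw in config.splitlines():
        line = raw.strip()
        if raw.startswith("interface "):
            nameif = None                      # new interface stanza begins
        elif line.startswith("nameif "):
            nameif = line.split()[1]
        elif line.startswith("security-level ") and nameif:
            levels[int(line.split()[1])].append(nameif)
        elif line == PERMIT_CMD:               # exact match, so the "no" form is ignored
            permitted = True
    shared = {lvl: names for lvl, names in levels.items() if len(names) > 1}
    return {"inter_interface_permitted": permitted, "shared_levels": shared}

if __name__ == "__main__":
    print(audit_same_security(SAMPLE_CONFIG))
```
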
