07-26-2014 07:11 PM - edited 03-11-2019 09:32 PM
hi all,
i'm going to configure a new ASA 5525-X from scratch.
several clients will be connected and will be NAT'd on the ASA.
my question is, is it a 'best' practice to have different security levels for my clients or do i
set the same security level (i.e. 100) and configure (or not?) the same-security-traffic permit inter-interface command.
Solved! Go to Solution.
07-26-2014 10:34 PM
Hi John,
I am gonna give you the mixed response.... if you have the required ACL's in place, then security level what you define in interface will not have a major value to it.....
But it is good to define a different security levels for different interfaces in order to define a more secured and the less secured network of yours...
But anything you do will not make a major difference...
Regards
Karthik
07-26-2014 10:34 PM
Hi John,
I am gonna give you the mixed response.... if you have the required ACL's in place, then security level what you define in interface will not have a major value to it.....
But it is good to define a different security levels for different interfaces in order to define a more secured and the less secured network of yours...
But anything you do will not make a major difference...
Regards
Karthik
07-27-2014 10:05 PM
Hi karthik,
thanks for your response!
i realized that ACL matters as compared to the default security provided by the 'security-level' of each interface.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: