Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
966
Views
5
Helpful
2
Replies

When "same-security-traffic permit inter-interf" is applied with ACL

S891
Level 2
Level 2

‎12-07-2021 11:08 AM

I have read some posts and command reference documents regarding "same-security-traffic permit inter-interface". There seems to be conflicting information when it is applied with the ACL as the behaviour might have changed over the years (not sure). 

 

Some posts suggests that when traffic is flowing b/w interafces at same security level, if the ACL is applied, it takes precedence over the same security permit statement. There are other statements which claim that ACL, if present,  is bypassed when the traffic is flowing b/w interfaces at same security level. 

 

Which statement is true for the 9.x versions. 

0 Helpful
2 Replies 2

Rob Ingram
VIP
VIP

‎12-07-2021 11:50 AM

@S891 if you have an ACL configured this will take precedence and this will be checked to determine whether traffic is permitted or not. In this scenario the command "same-security-traffic permit inter-interface" is irrelevant.

MHM Cisco World
VIP
VIP

‎12-08-2021 11:59 AM

https://networkdirection.net/articles/firewalls/asa-securitylevels/

please see above link, it show the relation between the ACL and Security level "which effect by same security command". 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card