12-07-2021 11:08 AM
I have read some posts and command reference documents regarding "same-security-traffic permit inter-interface". There seems to be conflicting information when it is applied with the ACL as the behaviour might have changed over the years (not sure).
Some posts suggest that when traffic is flowing between interfaces at the same security level, if the ACL is applied, it takes precedence over the same security permit statement. There are other statements which claim that the ACL, if present, is bypassed when the traffic is flowing between interfaces at the same security level.
Which statement is true for the 9.x versions?
12-07-2021 11:50 AM
@S891 if you have an ACL configured this will take precedence and this will be checked to determine whether traffic is permitted or not. In this scenario the command "same-security-traffic permit inter-interface" is irrelevant.
12-08-2021 11:59 AM
https://networkdirection.net/articles/firewalls/asa-securitylevels/
Please see the above link; it shows the relation between the ACL and security level "which is affected by the same security command".