General discussion


ASA 5510 Two Internal Interface Configuration

By ksecer ·
I want to configure ASA 5510 such that
Eth 0/0 , IP : Security Level:100
Eth 0/1 , IP : Security Level:100
Eth 0/2 , IP : 212.175.x.x Security Level:0

Eth0/0 is inside1
Eth0/1 is inside2
Eth0/3 is outside

i want to perform that two inside interface clients can communicate each other , and access to internet via outside.

I checked "Enable Traffic Between Same Security Level Interfaces" , and inside1 and inside2 communicate each other.
than, i added PAT for these networks can access to internet , after that inside1 and inside2 can access to internet ,but cann't communicate each other. I want that inside1 and inside2 can communicate each other and can access to internet too.

there is any suggestion? Pls help me.

This conversation is currently closed to new comments.

1 total post (Page 1 of 1)  
Thread display: Collapse - | Expand +

All Comments

Collapse -

Not sure if you fixed this, but...

by jimbobmcgee In reply to ASA 5510 Two Internal Int ... you have any nat 0 settings for your interfaces?

I found that, when I enabled same-security-interface, I needed to prevent NAT'ing from occurring for traffic leaving eth0/0's subnet going to eth0/1's subnet:

same-security-traffic permit inter-interface

access-list inside1_nat0_outbound extended permit ip
access-list inside2_nat0_outbound extended permit ip

global (outside) 10 interface
nat (inside1) 0 access-list inside1_nat0_outbound
nat (inside1) 10
nat (inside2) 0 access-list inside2_nat0_outbound
nat (inside2) 10

Back to Networks Forum
1 total post (Page 1 of 1)  

Related Discussions

Related Forums