batmon34
asked on
ASA Security Policy Rule Question
Hi,
I have three interfaces, inside, outside, lab. Their security level are
inside =100
outside = 0
lab = 50
This works fine with default permit "any less secure networks" rule.
Now there is one lab machine needs to access a inside machine. When I add that rule to the lab interface, the default permit "any less secure networks" rule goes away and my lab network cannot access Internet (outside) anymore.
How can I make this work? I cannot add permit any any because then lab can access all inside network too. Is there something like permit "lab" to "outside"??
550 points. Thank you.
I have three interfaces, inside, outside, lab. Their security level are
inside =100
outside = 0
lab = 50
This works fine with default permit "any less secure networks" rule.
Now there is one lab machine needs to access a inside machine. When I add that rule to the lab interface, the default permit "any less secure networks" rule goes away and my lab network cannot access Internet (outside) anymore.
How can I make this work? I cannot add permit any any because then lab can access all inside network too. Is there something like permit "lab" to "outside"??
550 points. Thank you.
the way I would do it is add the permit for the one pc, then do deny lines for all IP to the inside networks, then permit any any
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.