Netrinc
asked on
asa 5510 how to allow traffic between subinterfaces
i have a asa 5510 and have created 2 subinterfaces e0/0.50 and e0/0.200. both have the same security level. i have enabled "same-security-traffic permit intra-interface" to permit traffic in and out of the same interface. i have done this(inter-interface) with other asa5510 but they used distinct physical interfaces.
if i cant do it the same way as on physical interfaces, how do i get my 2 subinterfaces to talk to each other? ACLs?
i read that you cant route in and out of the same interface
https://www.experts-exchange.com/questions/23683971/Route-between-VLANS-asa-5510.html?sfQueryTermInfo=1+10+30+5510+allow+asa+between+subinterfac+traffic
if i cant do it the same way as on physical interfaces, how do i get my 2 subinterfaces to talk to each other? ACLs?
i read that you cant route in and out of the same interface
https://www.experts-exchange.com/questions/23683971/Route-between-VLANS-asa-5510.html?sfQueryTermInfo=1+10+30+5510+allow+asa+between+subinterfac+traffic
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
thanks. i used the static nat and it works. i did try static nat before but apparently i suck at ASDM.
now if at a later time i would like to lower the security level on one of these subinterfaces, would the static nat still be sufficient?
now if at a later time i would like to lower the security level on one of these subinterfaces, would the static nat still be sufficient?
If you change the security level, you will have to add an access-list on the lower security interface
ASKER
i am just having problems getting traffic to pass freely between the 2 subinterfaces.