<div>
First make sure you have a security plus license.<br />
<a href="http://www.petenetlive.com/KB/Article/0000869.htm" rel="ugc">Cisco ASA 5505 Routing Between Two (Internal) VLANS</a>
</div>


First make sure you have a security plus license.
Cisco ASA 5505 Routing Between Two (Internal) VLANS [http://www.petenetlive.com/KB/Article/0000869.htm]

<div>
Yes, it has a security plus license.<br />
<br />
Thanks for the example! &nbsp;Is there a difference in the config if you want to allow traffic from two vlans that have difference security levels? &nbsp;In my situation I need to allow the VLAN2 (security 50) access to VLAN1 (security 100) over specific ports (RDP, Telnet, etc).
</div>


Yes, it has a security plus license.

Thanks for the example!  Is there a difference in the config if you want to allow traffic from two vlans that have difference security levels?  In my situation I need to allow the VLAN2 (security 50) access to VLAN1 (security 100) over specific ports (RDP, Telnet, etc).

<div>
To go from a less secure to a more secure interface you simply need to allow the traffic with an ACL (if your os is older than 8.4 you also need a nat statement).<br />
<br />
P
</div>


To go from a less secure to a more secure interface you simply need to allow the traffic with an ACL (if your os is older than 8.4 you also need a nat statement).

P

<div>
<div class="content wysiwyg-content">
Hello,<br />
<br />
Trying to get specific traffic to flow between VLANs on a 5505. &nbsp;Basically I have 3 networks: Internet, VLAN 1 and VLAN 2. &nbsp;VLAN 1 is where all of our servers are and VLAN is where all of our RDP workstations are. &nbsp;We only want to allow certain traffic to go from VLAN 2 to VLAN 1 (such as RDP, telnet, etc) . &nbsp;All traffic can go from VLAN 1 to VLAN 2. &nbsp;Both VLAN1 and 2 can access the internet. &nbsp;<br />
<br />
Any thoughts?<br />
<br />
Thanks,<br />
Mike
</div>
</div>


Hello,

Trying to get specific traffic to flow between VLANs on a 5505.  Basically I have 3 networks: Internet, VLAN 1 and VLAN 2.  VLAN 1 is where all of our servers are and VLAN is where all of our RDP workstations are.  We only want to allow certain traffic to go from VLAN 2 to VLAN 1 (such as RDP, telnet, etc) .  All traffic can go from VLAN 1 to VLAN 2.  Both VLAN1 and 2 can access the internet.  

Any thoughts?

Thanks,
Mike

Cisco ASA allowing traffic between VLAN's

Cisco PIX is a dedicated hardware firewall appliance; the Cisco Adaptive Security Appliance (ASA) is a firewall and anti-malware security appliance that provides unified threat management and protection the PIX does not. Other Cisco devices and systems include routers, switches, storage networking, wireless and the software and hardware for PIX Firewall Manager (PFM), PIX Device Manager (PDM) and Adaptive Security Device Manager (ASDM).

Cisco

Hardware-based firewalls provide more sophisticated protection for inbound and outbound traffic than the simple Windows software firewall or the basic NAT firewalls found in routers. These devices implement techniques such as stateful packet inspection, deep packet inspection, and content filtering; and may include built-in antivirus and anti-malware protection.

Hardware Firewalls

Network design and methodology, also known as network architecture, is the design of a communication network. It is a framework for the specification of a network's physical components and their functional organization and configuration, its operational principles and procedures, as well as data formats used in its operation. In telecommunication, the specification of a network architecture may also include a detailed description of products and services delivered via a communications network, as well as detailed rate and billing structures under which services are compensated.