[cisco-voip] QS: regarding pix/asa security levels
Syed Khalid Ali
Khalid_Khursheed at hotmail.com
Thu Apr 3 05:05:50 EDT 2008
hi
i have just started to read snpa book. the question is:
1- can higher security level (100) interface can access lower security level interface without a NAT transalation?
2- I setup my asa with 2 interfaces (inside and outside) and tried to ping from an inside host to an outside host but it failed.
3- For an inside host to access an outside host do we need translation or access rule or both?
4- Do we need to have an inspect icmp in inspection policy for number 1 to work without a transaltion and access rule or both?
PS: I know that this a not a security related forum but there are lots of people here who are skilled in different domain.
regards,
Khalid
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://puck.nether.net/pipermail/cisco-voip/attachments/20080403/3979e530/attachment.html
More information about the cisco-voip
mailing list