Allowing Communication Between Interfaces On The Same Security Level - Cisco PIX 500 Series Configuration Manual

Security appliance command line

Chapter 7
Configuring Interface Parameters
hostname/contextA(config-if)# mac-address 030C.F142.4CDE standby 040C.F142.4CDE
hostname/contextA(config-if)# no shutdown
Allowing Communication Between Interfaces on the Same Security Level
By default, interfaces on the same security level cannot communicate with each other. Allowing communication between same security interfaces provides the following benefits:

- You can configure more than 101 communicating interfaces. If you use different levels for each interface and do not assign any interfaces to the same security level, you can configure only one interface per level (0 to 100).
- You want traffic to flow freely between all same security interfaces without access lists.

Note
If you enable NAT control, you do not need to configure NAT between same security level interfaces. See the "NAT and Same Security Level Interfaces" section on page 17-13 for more information on NAT and same security level interfaces.

If you enable same security interface communication, you can still configure interfaces at different security levels as usual.

To enable interfaces on the same security level so that they can communicate with each other, enter the following command:

hostname(config)# same-security-traffic permit inter-interface

To disable this setting, use the no form of this command.

Cisco Security Appliance Command Line Configuration Guide, OL-12172-03
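Because the setting described above lets traffic flow between same security interfaces without access lists, a configuration review should list which interfaces share a level and whether the command is present. The following is an added example, not part of the Cisco manual: the sample configuration is constructed, the function name audit_same_security is hypothetical, and the parser assumes nameif appears before security-level inside each interface block.

```python
import re
from collections import defaultdict
from itertools import combinations

# Constructed sample config for illustration; names and levels are assumptions.
SAMPLE_CONFIG = """\
interface Ethernet0
 nameif outside
 security-level 0
!
interface Ethernet1
 nameif inside
 security-level 100
!
interface Ethernet2
 nameif dmz1
 security-level 50
!
interface Ethernet3
 nameif dmz2
 security-level 50
!
interface Ethernet4
 shutdown
 no nameif
 no security-level
!
same-security-traffic permit inter-interface
"""

def audit_same_security(config):
    """Return interfaces that share a security level and the interface
    pairs that may exchange traffic because the permit command is set."""
    by_level = defaultdict(list)
    name, permit = None, False
    for raw in config.splitlines():
        line = raw.strip()
        if line.startswith("interface "):
            name = None                      # new block, no nameif seen yet
        elif m := re.fullmatch(r"nameif (\S+)", line):
            name = m.group(1)
        elif (m := re.fullmatch(r"security-level (\d+)", line)) and name:
            by_level[int(m.group(1))].append(name)
        elif line == "same-security-traffic permit inter-interface":
            permit = True
    shared = {lvl: n for lvl, n in by_level.items() if len(n) > 1}
    pairs = [p for n in shared.values() for p in combinations(n, 2)] if permit else []
    return {"permit": permit, "shared_levels": shared, "open_pairs": pairs}
```

An empty open_pairs list together with a non-empty shared_levels means the interfaces share a level but the default (no communication between them) is still in effect.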


This manual is also suitable for: ASA 5500 series
