Cisco Bug: CSCuq66454 - ASA DP configures same-security-traffic permit inter-interface
Nov 09, 2016
- Cisco ASA 5500-X Series Firewalls
Known Affected Releases
Symptom: The ASA device package configures the 'same-security-traffic permit inter-interface' on the ASA by default. The decision to permit or deny communication between interfaces with equal security levels should be an explicit configuration from the user/admin. On the ASA itself, by default, interfaces on the same security level cannot communicate with each other. The ASA device package should have a meta folder/parameter key to allow user/admin to explicitly permit or deny communication between interfaces with equal security levels. Conditions: ASA configuration.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases