US Region
Grandmetric LLC
Brookfield Place Office
200 Vesey Street
New York, NY 10281
EIN: 98-1615498
Phone: +1 302 691 94 10
EMEA Region
GRANDMETRIC Sp. z o.o.
ul. Metalowa 5, 60-118 Poznań, Poland
NIP 7792433527
+48 61 271 04 43
info@grandmetric.com
Technology: Network Security
Area: Firewalls
Vendor: Cisco
Software: 8.X, 9.X
Platform: Cisco ASA
Each logical ASA interface must have ip address, security-level and nameif configured to work. Security levels are numbered from 0 to 100. Traffic is allowed to pass from higher to lower security level interface by default. Traffic is denied from lower to higher security level by default. To change this behavior ACLs must be used. Term “traffic” means session being initiated. ASA “understands” sessions and treats packet flows as whole sessions. So term “Traffic allowed from higher to lower interface” means: session that is initiated from higher to lower interface direction. The nameif is your custom name for particular logical interface. You can think of it as a security zone thus give it the meaningful name as a best practice.
To set the nameif and security level issue following commands:
ASA#configure terminal
ASA(config)#interface GigabitEthernet0/0
ASA(config-if)#nameif outside
ASA(config-if)#security-level 10
ASA(config-if)#ip address 192.168.202.201 255.255.255.0
ASA(config-if)#no shutdown