Cisco ASA and PIX Firewall Handbook

3-1. Configuring Interfaces

Every firewall has one or more interfaces that can be used to connect to a network. To pass and inspect traffic, each firewall interface must be configured with the following attributes:

Name
IP address and subnet mask (IPv4; beginning with PIX 7.x, IPv6 is also supported)
Security level (a higher level is considered more secure)

Traffic is allowed to flow from a higher-security interface to a lower-security interface (“inside” to “outside,” for example) as soon as access list, stateful inspection, and address translation require-ments are met. Traffic from a lower-security interface to a higher one must pass additional inspection and filtering checks.

Firewall interfaces can be physical, where actual network media cables ...

Get Cisco ASA and PIX Firewall Handbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Cisco ASA and PIX Firewall Handbook by Dave Hucaby

3-1. Configuring Interfaces

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly