Have you seen the latest Cisco Security book ??? It's a little more clearer
than what I have been able to find on the CCO, dealing with the Firewall IOS
(explains all the nuances & features of these access-lists). Have you tried
ConfigMaker when setting the default values for the reflexive access lists &
the inspects ? If this were say a Internet connection(cable modem in my
case) you want to inspect on the facing out interface, but apply the rule
for the incoming.
Did I come close to answering the question ???
Phil
----- Original Message -----
From: "Vyacheslav Luschinsky"
To:
Sent: Monday, June 25, 2001 9:01 AM
Subject: CBAC and DOS attack [7:9748]
> I have some trouble in understanding how to use firewall set(CBAC) to
limit
> half open inbound sessions from Internet.
> First you have to identify traffic
>
> ip inspect name myname tcp
>
> then you have to put it on interface.
> cisco examples show only one situation when you need to allow sessions
from
> your local LAN. So it is not clear should I apply inspecting to inbound
> traffic on serial int. or outbound for ethernet int.
> Did anyone deal whis it?
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=9777&t=9748
--------------------------------------------------
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]