Hi Steve Here is an extract from the config - access-list 100 controls traffic from the "untrusted" section of the company being migrated.
"firewall" is the name of the ip inspect policy interface Ethernet0/0 description Sydney Local Ethernet Segment ip address 172.25.201.1 255.255.0.0 no keepalive ! interface Ethernet1/0 ip address 192.168.3.3 255.255.255.0 ip access-group 100 in ! interface Serial1/0 description 192K CIR - 576K ACCESS to Head Office mtu 800 no ip address encapsulation frame-relay no ip mroute-cache priority-group 1 frame-relay lmi-type ansi frame-relay route 16 interface Serial1/1 16 frame-relay route 20 interface Serial1/1 20 frame-relay route 22 interface Serial1/1 22 ! interface Serial1/0.1 point-to-point description 192K CIR PVC to Head Office mtu 800 backup delay 5 10 backup interface Dialer0 ip unnumbered Ethernet0/0 ip inspect firewall in bandwidth 192 frame-relay de-group 1 17 frame-relay interface-dlci 17 frame-relay payload-compression packet-by-packet ""Steven A. Ridder"" wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > show me the configs > > ""Dennis Cooper"" wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > Hi guys > > > > The scenario is two customer networks merging in the same building and we > > have a Cisco 3620 in between the two LAN networks. (E0/0 and E1/0) > > > > > > S0/0 -----------3620---------------E0/0 172.25.0.0/16 > > ---------------E1/0 192.168.3.0 > > > > > > > > There is a Frame Relay service to head office on interface Serial 0/0 and > is > > currently ip unnmbered to the E0/0 interface. > > > > Using CBAC I cannot get the ip inspect stuff to work and I suspect > either > > 1. the code 12.0(3)T FFS > > 2. IP unnumbered > > > > Q. Any one done this before? > > > > Regards > > > > Dennis Cooper > > Lab date 13/08/2002 (but who's counting) Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=48796&t=48721 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
