IOS Firewall and ip unnumbered

From: Mark Miller (markmiller@alltel.net)
Date: Wed Feb 12 2003 - 00:24:23 GMT-3


Is it possible to configure CBAC (IOS Firewall)
with a router that has an unnumbered configuration?

Example:

int ethernet0
  ip address 130.15.34.1 255.255.255.224

int serial0
  ip unnumbered ethernet0

ip route 0.0.0.0 0.0.0.0 s0

From my understanding, the IOS Firewall software uses an access-list
placed on the inside network (i.e., ethernet0) to dynamically build upon
and keep up with TCP connections requested from the inside. An access-list
on the outside interface (serial0) would be placed to specifically allow known
traffic inside the network. I've always run CBAC alongside NAT, with a
private network on the inside and the public network on the serial (or outside
interface). I was just wondering if CBAC can work in a configuration like the
one above, and how the configuration would differ from a normal application.

Mark Miller



This archive was generated by hypermail 2.1.4 : Sat Mar 01 2003 - 11:06:19 GMT-3