CBAC - Java

From: gladston@br.ibm.com
Date: Fri Jul 23 2004 - 17:58:50 GMT-3

• Next message: Scott Morris: "RE: Administrativly scooped address"
• Previous message: alsontra@hotmail.com: "Re: Administrativly scooped address"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Will both configurations achive the same result?

CBAC
 permit java from server 200.200.200.200 from entering the network to the interface serial 0

   ip inspect name Cbac http java-list 50
   !
   access-list 50 permit host 200.200.200.200
   !
   access-list 100 deny ip any any
 !
   interface ethernet 0
    description internal network
    ip inspect Cbac in
   !
   interface serial 0
    ip access-group 100 in
  !
  end

or

 ip inspect name Cbac http java-list 50
   !
   access-list 50 permit host 200.200.200.200
   !
   access-list 100 deny ip any any
 !
   interface serial 0
    ip access-group 100 in
    ip inspect Cbac in
   !
  end

Both cases CBAC should create dynamic entries on access-list 100 permiting returning traffic

• Next message: Scott Morris: "RE: Administrativly scooped address"
• Previous message: alsontra@hotmail.com: "Re: Administrativly scooped address"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Aug 01 2004 - 10:12:01 GMT-3