RE: CBAC

From: Joseph Brunner (joe@affirmedsystems.com)
Date: Thu May 08 2008 - 23:19:48 ART

• Next message: Luan Nguyen: "cisco-workbook-version-69-redistribution-question"
• Previous message: Patrick Galligan: "CBAC"
• Maybe in reply to: Patrick Galligan: "CBAC"
• Next in thread: Joseph Brunner: "RE: CBAC"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Cbac inspects traffic at the incoming interface. So if your F0/0 interface
(on the way to the loopback from the lan) or your F0/1 interface (touching
the internet) has ip inspect <name> in the traffic will be inspected.

If you want to specifically combine policy routing or local policy routing
to move traffic to a certain destination, this happens independently of cbac
inspection. I use cbac almost daily in the real world, and almost never use
Ip inspect <name> out unless I'm looking to inspect router generated traffic
such as ntp, etc.

-Joe

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Patrick Galligan
Sent: Thursday, May 08, 2008 9:57 PM
To: Cisco certification
Subject: CBAC

Is there any way to have CBAC inspect traffic destined to a loopback
on a router (the same router running CBAC)? eg. with a local policy?

• Next message: Luan Nguyen: "cisco-workbook-version-69-redistribution-question"
• Previous message: Patrick Galligan: "CBAC"
• Maybe in reply to: Patrick Galligan: "CBAC"
• Next in thread: Joseph Brunner: "RE: CBAC"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Jun 02 2008 - 06:59:16 ART