From: Athaide, Dwayne (DAthaide@epco.com)
Date: Thu May 15 2008 - 15:46:18 ART
In order to inspect telnet traffic to R3 you can enable ip inspection on the link outbound towards R3. To also allow inspection for locally generated traffic for example from R2 towards R3 you will need to put the 'router traffic" statement in your configuration. Use the show ip inspect session to verify.
R2
ip inspect name TCP tcp router-traffic
Interface to R3
ip inspect TCP out
ip access-group 101 in
ip access-group 100 out
access-list 100 permit tcp any host x.x.x.x eq telnet
access-list 100 deny tcp any any eq telnet
access-list 100 permit ip any any
access-list 101 deny ip host x.x.x.x any
access-list 101 permit ip any any
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of raul raul
Sent: Thursday, May 15, 2008 9:07 AM
To: ccielab@groupstudy.com
Subject: ip inspect help
HI mate ;
need help
Question :
R1 -------> R2-------------R3
enable ip inspect telnet incoming on R3
is it any solution to inspect telnet traffic originate from R1 or R2 to R3 ?
if enable ip inspect on R2 outgoing; then telnet to R3 it will works ; how abt enable it on R3 and let it works ?
This archive was generated by hypermail 2.1.4 : Mon Jun 02 2008 - 06:59:16 ART