From: Anthony Sequeira (asequeira@internetworkexpert.com)
Date: Thu Jan 29 2009 - 14:17:55 ARST
You have correctly configured the inspection of your UDP sessions from the
inside network (behind R5), to the outside network (behind the backbone).
What you have failed to configure is an access-list inbound on R5 Fa0/0
that blocks all traffic.
Please note, you could have also configured your inspection inbound on the
inside interface of R5.
Warmest regards,Anthony J. Sequeira, CCIE #15626, CCSI #23251Senior CCIE
Instructorasequeira@internetworkexpert.comInternetwork Expert,
Inc.http://www.InternetworkExpert.comToll Free: 877-224-8987Outside US:
775-826-4344
----- Original Message -----
From: "GAURAV MADAN" <gauravmadan1177@gmail.com>
Sent: Thu, January 29, 2009 9:05
Subject:CBAC : never work for me :(
Hi Friends
CBAC is one gray area that i dont undertsnd at all.. please help me in
poiintg whre am i wrong
R5 192.10.1.5 f0/0.52============= 192.10.1.254BB
I want traffic from outside to come in my network if and only if initiated
from inside my network.
first i configured :
ip inspect name CBAC udp
int f0/0.52
ip inspect CBAC out
i expect that all my tcp sessions to BB (like BGP ) will fail .. also i
expect ping to BB will fail etc etc (because i have permitted only udp)..
rest policies i will appply later . But here only my understainding is
failing . I am able to pin BB , tcp sessions are UP
Also please clearify about the direction of this
Thnx in advace
Gaurav Madan
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:43:40 ARST