Re: CBAC on non-standard tcp port

From: Felix Nkansah (felixnkansah@gmail.com)
Date: Wed Feb 11 2009 - 11:06:51 ARST

• Next message: Biddu Mehta: "Intercos Bursting"
• Previous message: Sadiq Yakasai: "Re: CBAC on non-standard tcp port"
• Maybe in reply to: Edouard Zorrilla: "CBAC on non-standard tcp port"
• Next in thread: sushil menon: "Re: CBAC on non-standard tcp port"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi Edouard,
I would suggest you use PAM to assign the non-standard 8080 to the http
protocol.

ip port-map http port tcp 8080
ip inspect name ccie-inspect http

CBAC would then inspect http on the default tcp port 80 and the new
self-defined tcp port 8080.

Verify with show ip port-map http

Felix
r&s, security

On Wed, Feb 11, 2009 at 12:17 PM, Edouard Zorrilla <ezorrilla@tsf.com.pe>wrote:

> Hello,
>
> Anyone has set up :
>
> (config)#ip inspect name ccie-inspect http,
>
> on a non-standard tcp port, like 8080 for instance ?. How ?
>
> Thanks a lot.
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net

• Next message: Biddu Mehta: "Intercos Bursting"
• Previous message: Sadiq Yakasai: "Re: CBAC on non-standard tcp port"
• Maybe in reply to: Edouard Zorrilla: "CBAC on non-standard tcp port"
• Next in thread: sushil menon: "Re: CBAC on non-standard tcp port"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:10 ARST