Ajay,
Give this a read, the inspect is a little more sophisticated than a reflexive state based ACL.
-ryan
-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of Ajay mehra
Sent: Friday, August 14, 2009 1:38 PM
To: ccielab_at_groupstudy.com
Subject: doubts on matching traffic in CBAC
Hi,
Using CBAC we can match different types of traffic like tcp, udp , smtp
telnet etc...
ip inspect name CBAC tcp
ip inspect name CBAC udp
ip inspect name CBAC smtp
ip inspect name CBAC telnet
With above configuration I have a doubt that if inspection of tcp is enabled
in 1st statement then is there any significance of having smtp in 3rd
statement? would not tcp keyword also match all the traffic which uses tcp
like smtp and telnet uses tcp port 25 and 23.
Thanks for your help
Ajay
Blogs and organic groups at http://www.ccie.net
Received on Fri Aug 14 2009 - 14:14:35 ART
This archive was generated by hypermail 2.2.0 : Tue Sep 01 2009 - 05:43:56 ART