If you want to inspect locally generated traffic you need it outbound on the
serial interface. If you don't want to account for router generated traffic
then the first is good. There are situations that you will want to do one
or the other so knowing why will help you understand the when.
Regards,
Tyson Scott - CCIE #13513 R&S, Security, and SP
Technical Instructor - IPexpert, Inc.
Mailto: tscott_at_ipexpert.com
Telephone: +1.810.326.1444, ext. 208
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130
-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
Vibeesh S
Sent: Thursday, April 29, 2010 9:39 AM
To: Cisco certification
Subject: Query CBAC implementation
Hi,
Assuming that I have router with the following interfaces
F0/0 ---- Router ---- S0/0/0
If I am configuring cbac for traffic going out of my lan to the internet
Is this
conf t
inte f0/0
ip inspect inspection-name1 in
the same desired implementation as
conf t
inter s0/0/0
ip inspect inspection-name1 out
If so, is configuring either one of them acceptable in the lab.
Or is there any limitation/practises
Thanks,
Vibs
Blogs and organic groups at http://www.ccie.net
Received on Thu Apr 29 2010 - 10:19:26 ART
This archive was generated by hypermail 2.2.0 : Sat May 01 2010 - 09:49:57 ART