CBAC configuration steps:
- Choose an interface (inside or outside).
- Configure an ip access list that denies all traffic to be inspected.
- Configure global timeouts & thresholds using the ip inspect commands.
- Define an inspection rule & an optional rule-specific timeout value using the ip inspect name protocol commands.
- Apply the inspection rule to an interface.
- Apply the access list to the same interface as the inspection rule, but in the opposite direction(inbound or outbound)
No comments:
Post a Comment