Hi,
I'm wondering how CBAC can handle fragments on a TCP connection
when internal users try to connect to outer services. I know that, for
an outbound connection, the ACL will be processed first, then CBAC. Only the
initial fragment of the TCP data contains the full L3/L4 information. The rest
of the traffic contains only L3 information, so how can CBAC recognize which
connection they belong to? I configured the router as follows:
ip inspect name fw http
ip inspect name fw tcp
ip inspect name fw udp
interface FastEthernet 0/0
 ip inspect fw out
But the users cannot surf the web with this CBAC. Why?
Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=103116&t=103116