Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
610
Views
0
Helpful
2
Replies

IOS Zone-based Policy Firewall questions

ovt
Level 4
Level 4

‎07-11-2007 12:42 AM - edited ‎03-11-2019 03:43 AM

1. Why doesn't "drop log" policy-map action send unreachables? Is this a bug or feature?

2. Why doesn't ZPF control multicasts terminated at the self zone (EIGRP, for example), so it is not possible to control which multicasts are accepted and which aren't. Is this a bug or feature?

3. Why is SMTP guard enabled by default and cannot be disabled if "match protocol smtp" is used? Is this a bug or feature?

4. Does cisco have performance metrics for ZPF compared to traditional CBAC?

IOS 12.4(15)T

Thx.

Labels:
0 Helpful
2 Replies 2

Not applicable

‎07-18-2007 05:44 AM

Refer to the zone based frewall feature page for more information

http://cisco.com/en/US/products/hw/routers/ps341/products_data_sheet0900aecd802c8530.html

0 Helpful

juan_m_12
Level 1
Level 1

‎02-26-2008 07:55 AM

i have the same problem with the SMTP being blocked,

have you found a way to make it work??

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card