Pravin Phadte Tue, 07/01/2008 - 08:18
User Badges:
  • Silver, 250 points or more

Hi,


ou have to list them before tcp or udp keywords, otherwise their control streams will not be inspected and there will be no provision for data sessions.


ip inspect name Internet

ip inspect name Internet h.323 router-traffic

ip inspect name Internet sip router-traffic


interface FastEthernet0/0

ip inspect Internet out


Below is the link for more reference.


http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_i2.html


Hope this helps,


Regards,


Pravin


ajay chauhan Thu, 07/03/2008 - 09:21
User Badges:
  • Silver, 250 points or more

Hi Pravin,


can u pls explain me little more where to use tcp and udp keywords ?


and in which direction i need to apply inpect rule do i need to apply on both interfaces In and Out?


Thanks

paolo bevilacqua Thu, 07/03/2008 - 09:37
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Actually I believe that no inspect command is needed for SIP.

Current IOS applye "NAT SIP ALG" automatically without configuring anything.

Actions

This Discussion