05-20-2009 04:08 PM - edited 03-04-2019 04:49 AM
Say I have a routers A and B and a host C. Router A has inside FE 192.168.1.1, Router B has inside interface 192.168.1.2 and host C has FE interface 192.168.1.3.
Router A has a route "ip route 192.168.2.0 255.255.255.0 192.168.1.2". If host C sent an NBAR probhited packet say to host 192.168.2.3 - would Router A be able to filter that traffic via NBAR?
Of course it would assume ICMP redirects were not in play. Thank-you.
05-21-2009 06:38 AM
NBAR stands for Network-Based Application Recognition. It does not restrict or filter by itself, it just 'discovers' the applications as they traverse the router. You can use ACL's to filter unwanted traffic.
Hope that helps.
05-21-2009 09:14 AM
Yes - NBAR is used in conjunction with ACLs to do the filtering. So say you put said ACL at the inside interface - would the traffic in my scenario be filtered?
05-21-2009 10:29 AM
An ACL can be used to filter applications. AFAIK ACL's can't be tied to NBAR for filtering. If you know of a way, please post a config or link. Thanks.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: