uc520 firewall

Unanswered Question
Aug 21st, 2009
User Badges:

I have to configure uc520 to filter out a few ports between the two vlans I have and I don't know how. Is it possible to do it with CCA or is it better to do it through ssh? I don't even know what are my options.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Steven DiStefano Fri, 08/21/2009 - 05:22
User Badges:
  • Blue, 1500 points or more

CCA 2.0(1) (latest Release) does support the identification of inside and outside interfaces (Faste 0/0) and FW.

But it sounds like you are trying to do something only on inside interfaces?  Can you describe what you are trying to do?

Please describe.

David Hornstein Fri, 08/21/2009 - 05:54
User Badges:
  • Gold, 750 points or more

Hi Jure.korem

CCA will create a firewall configuration and access-lists according to your CCA inputs, i cannot see an option to manually add a ACL.you it has to be modified manually.

But we must consider there are  Out of Band configuration  guidelines on where you can add a Access List entry;

please check out the out of band configuration guide book that can be downloaded from the following link   https://supportforums.cisco.com/docs/DOC-9809

Check out the section of the Out of Band configuration guide called "Security Parameters — Configuring Access Control Lists (ACLs)"

If you are unsure on how to modify or add a access list, you have the ability to work with the Planning Design and Implementation (PDH) team.

If you happen to be  a Cisco Select partner you have the ability to pose this question to the Planning Design and Implementation (PDH) team .

PDI help with planning your install, to help you be successful.  It's worth learning to work with the PDI team, there pretty good.

These folks are aware of the implications of not breaking the Out of Band Configuration guidelines . Breaking the Out of band guidelines could could result in CCA overwriting  any manual changes you make .

To get to the PDI try the following link; http://www.cisco.com/web/partners/tools/pdihd.htmland read the information on the PDI.

You may have to sign into Cisco using your CCO login to be able top open a case with PDI.  I think this is your safest approach to get help with your installation.

regards Dave


This Discussion

Related Content