cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1016
Views
0
Helpful
3
Replies

Question about statefull inspection on IOS firewall

fdubus
Level 1
Level 1

Hi !

I need for test purposes to initiate tcp traffic from my router to the internet

i have set an inspect list on the outbound interface:

router(config)# int eth0

routert(config-if)# ip inspect myfw out

but the tcp sessions initiated from the router are not added int the inspection table and the tcp packets are dropped on their way back

Is there a solution to do this ?

Regards,

\François

3 Replies 3

Kent Heide
Level 1
Level 1

If what you're meaning is traffic initiating from the router itself like for example if you want to telnet from the router you need to add a statement in your `ip inspect` config.

What you need is the `router-traffic` keyword after your inspect configuration.

ip inspect myfw tcp router-traffic

Thank you!

This is exactly what i was meaning !

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: