Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

1812 firewall

Below is part of my config file of router 1812. With this implementation I only have problem with sending e-mails.

What is wrong? How can I exclude inspection of smtp?

---

class-map type inspect match-all sdm-cls--3

match access-group name Public

class-map type inspect match-any sdm-cls--2

match access-group name Internet

class-map type inspect match-all sdm-cls--1

match access-group name LAN

class-map type inspect match-all sdm-cls--5

match access-group name pristup

class-map type inspect match-all sdm-cls--4

match access-group name VPN

!

!

policy-map type inspect sdm-policy-sdm-cls--1

class type inspect sdm-cls--1

inspect

class class-default

policy-map type inspect sdm-policy-sdm-cls--3

class type inspect sdm-cls--3

inspect

class class-default

policy-map type inspect sdm-policy-sdm-cls--2

class type inspect sdm-cls--2

inspect

class class-default

pass

policy-map type inspect sdm-policy-sdm-cls--5

class type inspect sdm-cls--5

inspect

policy-map type inspect sdm-policy-sdm-cls--4

class type inspect sdm-cls--4

inspect

class class-default

!

zone security visitors

zone security employee

zone security Internet

zone security VPN

zone-pair security sdm-zp-visitors-employee source visitors destination employee

service-policy type inspect sdm-policy-sdm-cls--1

zone-pair security sdm-zp-employee-Internet source employee destination Internet

service-policy type inspect sdm-policy-sdm-cls--2

zone-pair security sdm-zp-visitors-Internet source visitors destination Internet

service-policy type inspect sdm-policy-sdm-cls--3

zone-pair security sdm-zp-VPN-employee source VPN destination employee

service-policy type inspect sdm-policy-sdm-cls--4

zone-pair security sdm-zp-Internet-employee source Internet destination employee

service-policy type inspect sdm-policy-sdm-cls--5

----------------------

1 REPLY
Bronze

Re: 1812 firewall

The Cisco 1800 integrated services routers support network traffic filtering by means of access lists. To apply a set of inspection rules to an interface, use the "ip inspect" command in interface configuration mode. There are two different modes for this command, configuration mode and interface configuration mode. To remove the set of rules from the interface, use the no form of this command.

146
Views
0
Helpful
1
Replies