I have a 2811 Router running 12.4.19 with the IOS Firewall feature set. My question is whether to use the CBAC or Zone-based method of deployment. I have 12 VLANs (wired and wireless) off one FE interface that will need a minimum of three different security levels. In addition there two WAN interfaces (T1 primary and ISDN backup). The future plans include replacing the ISDN backup with an GRE IPSEC VPN off the second FE interface and also creating additional security levels within the wired and wireless VLANs.
I think you can configure CBAC. The Context-Based Access Control (CBAC) feature of the Cisco IOS Firewall Feature Set actively inspects the activity behind a firewall. CBAC specifies what traffic needs to be let in and what traffic needs to be let out by using access lists (in the same way that Cisco IOS uses access lists). However, CBAC access lists include ip inspect statements that allow the inspection of the protocol to make sure that it is not tampered with before the protocol goes to the systems behind the firewall.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...