11-24-2010 02:57 AM - edited 03-11-2019 12:13 PM
We have a remote 1811 router which has zone based in it. We want to check if zone based configuring is doing any check on applications & if so, which all applications.
is there any command to identify that.
TIA
Solved! Go to Solution.
11-25-2010 12:58 AM
if you have any inspect rules for ftp traffic, then ftp inspection is happening
11-24-2010 05:23 AM
zone based firewall is cable of doing l7 inspection. it is capable of lot things , but do youhave any specific thing in mind that you are looking for
if it is ok you might want to paste
show run class-map
show run policy-map
show zone-pair security
so that we can check it and inform what your zone based firewall is configured for
11-24-2010 10:47 PM
thanks. unfortunately that device cant be accessed by me.But i have been told that it has only statements for allowing traffic from certain zones to others.
i was looking to see if there is any ftp or so application inspection on it.
but the site people tell me they dont find anything in the configurations about ftp.
So will that mean it is not doing any level 4 -7 inspection.
TIA
11-25-2010 12:58 AM
if you have any inspect rules for ftp traffic, then ftp inspection is happening
11-25-2010 04:13 AM
thanks.
similarly, on an asa, due to some previous problems, smtp inspection was turned off.
but in the configuration, following was seen :
policy-map type inspect esmtp smtp_map
parameters
as the smtp inspection was already not being inspected. will the above smtp_map work or take active role & cause inspection for smtp.
service-policy does not show any smtp inspection.
is this a normal way to see this even after smtp has been turned off.
TIA
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: