Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Question about statefull inspection on IOS firewall

Hi !

I need for test purposes to initiate tcp traffic from my router to the internet

i have set an inspect list on the outbound interface:

router(config)# int eth0

routert(config-if)# ip inspect myfw out

but the tcp sessions initiated from the router are not added int the inspection table and the tcp packets are dropped on their way back

Is there a solution to do this ?

Regards,

\François

Everyone's tags (2)
3 REPLIES
New Member

Re: Question about statefull inspection on IOS firewall

If what you're meaning is traffic initiating from the router itself like for example if you want to telnet from the router you need to add a statement in your `ip inspect` config.

What you need is the `router-traffic` keyword after your inspect configuration.

ip inspect myfw tcp router-traffic

New Member

Re: Question about statefull inspection on IOS firewall

Thank you!

This is exactly what i was meaning !

Re: Question about statefull inspection on IOS firewall

658
Views
0
Helpful
3
Replies