Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Policy mapping on 3640

I would like to use a policy map and acl to stop all Code Red from entering my network on my 3640 router. I have 4 serial ports and 2 fast ethernet ports. The serial ports are connected to 2 different ISP's (2 T-1's per ISP). From some of the things that I have read, I would need to use CEF to accomplish this. Is that a true statement or can I use the fast-packet switching instead. My 1 ISP does not support CEF.

  • Other Network Infrastructure Subjects
New Member

Re: Policy mapping on 3640


You need to conifgure NBAR to block Code Red. NBAR will not work since it requires CEF so you have to enable cef on the router. CEF is a switching mechanisms and it does not matter whether your ISP supports it or not. I am sending you a link from the CCO which talks about configuring NBAR for Code Red and I would recommend using the Method C from the config. Hope this helps.

New Member

Re: Policy mapping on 3640

I have read that link before, but I needed a difinitive answer as to the CEF. So thank you very much, it does answer my question.

This widget could not be displayed.