How to verify CBAC when attach.

samieru · ‎07-05-2001

I will release IOS FireWall-Pack to my customers.

I want to check function of CBAC when I attach

Cisco router on customer's network.

We can use "debug" command and verify detecting logs,

but I don't want to use because forgetting operate

"no debug" command.

How to verify CBAC function without using debug command?Can I verify using any tools or any commands

etc...?

I want to get router's log only about CBAC function.

Please tell me it's solutions.

Thank you for reading my message.

Regards.

j.psaila · ‎07-05-2001

sho ip inspect has a whole lot of information such as CBAC interfaces, sessions and config.

samieru · ‎07-05-2001

Thank you for your reply message.

My customer want to "CBAC" testlogs when set up router.Because customer want to watch and

verify not configulation of CBAC but action,

using similarity attacks.

Can we do it any tools or commands unless debug?

I think if CBAC Config are all collect,then IOS

can action collect,but my customer think if IOS

has any bugs or any errors etc,then cannot maintain

network security...Therefore he want to use

similarity attack and watch logs.

Regards.

pmoulay · ‎11-26-2001

Sh ip inspect all etc will show you most of what you need to know. However, I am against CBAC in enterprise networks. It kills the router. I have a 3660 and when it runs with CBAC it kills my DSL line. Forget it.