07-05-2001 04:55 AM - edited 03-08-2019 08:26 PM
I will release IOS FireWall-Pack to my customers.
I want to check function of CBAC when I attach
Cisco router on customer's network.
We can use "debug" command and verify detecting logs,
but I don't want to use because forgetting operate
"no debug" command.
How to verify CBAC function without using debug command?Can I verify using any tools or any commands
etc...?
I want to get router's log only about CBAC function.
Please tell me it's solutions.
Thank you for reading my message.
Regards.
07-05-2001 05:32 PM
sho ip inspect has a whole lot of information such as CBAC interfaces, sessions and config.
07-05-2001 10:30 PM
Thank you for your reply message.
My customer want to "CBAC" testlogs when set up router.Because customer want to watch and
verify not configulation of CBAC but action,
using similarity attacks.
Can we do it any tools or commands unless debug?
I think if CBAC Config are all collect,then IOS
can action collect,but my customer think if IOS
has any bugs or any errors etc,then cannot maintain
network security...Therefore he want to use
similarity attack and watch logs.
Regards.
11-26-2001 03:27 PM
Sh ip inspect all etc will show you most of what you need to know. However, I am against CBAC in enterprise networks. It kills the router. I have a 3660 and when it runs with CBAC it kills my DSL line. Forget it.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: