Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

IP Inspect

In a book I just read, the chapter on IP Inspect tells you the ACL should be applied on the untrusted interface inbound, and so should the IP inspect rule. Now I agree with the ACL, however surely the IP inspect rule should be place outbound on the untrusted inteface?.. I tried this aswell and my sugesstion works and the other way doesnt

2 REPLIES

Re: IP Inspect

Your understanding is correct and it may be a typo error in the book. The IP inspect command should be applied outbound on untrusted interface or inbound on trusted interface. This way the router can inspect the traffic leaving the router and create a temporary dynamic opening for the return traffic on the ACL applied on the untrusted interface.

HTH

Sundar

New Member

Re: IP Inspect

Can you name the book, for the benefit of all us ?

Thanks

Yuri

288
Views
0
Helpful
2
Replies
CreatePlease to create content