I am using 1841 router(Version 12.4(13r)T) and configured as a ZBF as follwos.My idea is to block unwanted sites like facebook.This router is not yet connected.
Current configuration : 1076 bytes ! version 12.4 service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Router ! boot-start-marker boot-end-marker ! ! no aaa new-model dot11 syslog ip cef ! ! ! ! ! multilink bundle-name authenticated parameter-map type regex DENY_SITES pattern .*facebook.com
! ! ! ! archive log config hidekeys ! ! ! ! ! class-map type inspect http match-all CLASS_DENY_SITES match request header host regex DENY_SITES ! ! policy-map type inspect http POLICY_DENY_SITES class type inspect http CLASS_DENY_SITES reset class class-default ! zone security INSIDE zone security OUTSIDE zone-pair security IN_OUT source INSIDE destination OUTSIDE ! ! ! interface FastEthernet0/0 no ip address zone-member security INSIDE duplex auto speed auto ! interface FastEthernet0/1 no ip address zone-member security OUTSIDE duplex auto speed auto ! ip forward-protocol nd ! ! ip http server no ip http secure-server ! ! ! ! ! control-plane ! ! line con 0 line aux 0 line vty 0 4 login !
But when I try to apply policy on zoon-pair,I am getting the following error.
Router(config-sec-zone-pair)#service-policy type inspect POLICY_DENY_SITES
Inspect service-policy attachment failed
Why it is not allow to apply policies.Pls help me at your earliest....
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...