Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IOS Question - Define inet-users

I am doing a security assessment of an organization that uses 871/881 routers with the firewall features enabled.  I see the following commands defining packet inspection done by the firewall software.

ip inspect name inet-users tcp

ip inspect name inet-users udp

ip inspect name inet-users icmp

What I am trying to define is the inspect name "inet-users".  It is obviously a constant defined by IOS as it is not defined anywhere in the configuration file like any other "variable" and does not generate an error.

What does "inet-users" define?  I'm assuming it is all users using the interface(s) where the inspect commands are used, but is that correct? 

The Cisco IOS manuals do not contain a reference to "inet-users" hence why I'm here asking.

Thank you.

Jeff Hall

McGladrey LLP

Minneapolis, MN

Everyone's tags (3)
1 REPLY
VIP Purple

Re: IOS Question - Define inet-users

"inet-users" is the name your the firewall-configuration. You can choose any name you want for this name. Mine are most often just named "FW" ... The name of the inspect-configuration is assigned to an interface to complete the firewall-config:

ip inspect name FW tcp

ip inspect name FW udp

ip inspect name FW icmp

ip inspect name FW ftp

!

interface dialer 0

...

ip inspect FW out

There is much more to configure for the firewall. You find many information on it by searching for the term CBAC (context based access control).


--
Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
385
Views
0
Helpful
1
Replies
CreatePlease login to create content