I am doing a security assessment of an organization that uses 871/881 routers with the firewall features enabled. I see the following commands defining packet inspection done by the firewall software.
ip inspect name inet-users tcp
ip inspect name inet-users udp
ip inspect name inet-users icmp
What I am trying to define is the inspect name "inet-users". It is obviously a constant defined by IOS as it is not defined anywhere in the configuration file like any other "variable" and does not generate an error.
What does "inet-users" define? I'm assuming it is all users using the interface(s) where the inspect commands are used, but is that correct?
The Cisco IOS manuals do not contain a reference to "inet-users" hence why I'm here asking.
"inet-users" is the name your the firewall-configuration. You can choose any name you want for this name. Mine are most often just named "FW" ... The name of the inspect-configuration is assigned to an interface to complete the firewall-config:
ip inspect name FW tcp
ip inspect name FW udp
ip inspect name FW icmp
ip inspect name FW ftp
interface dialer 0
ip inspect FW out
There is much more to configure for the firewall. You find many information on it by searching for the term CBAC (context based access control).
-- Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
Article ID:5748 Use TheGreenBow VPN Client to Connect with RV34x Series
Router Introduction A Virtual Private Network (VPN) connection allows
users to access, send, and receive data to and from a private network by
means of going through a public or share...
Article ID:5728 Configure a Teleworker VPN Client on the RV34x Series
Router Objective The Teleworker VPN Client feature minimizes the
configuration requirements at remote locations by allowing the device to
work as a Cisco VPN hardware client. When the T...
Article ID:5708 Configure the LAN and DHCP Settings on the RV34x Series
Router Objective A Local Area Network (LAN) is a network limited to an
area such as a home or small business that is used to interconnect
devices. LAN settings can be configured to li...