11-07-2005 12:56 AM
As per info availiable, PIX ver 7.0 is able to to application inspection.
Is there an equivalent command to ip nbar protocol-discovery on the pix os ver 7.0 ?
In my present scenario I am using this command on my router interface which is connected to ISP (Internet). In the future the ISP will be changed and there will be no access to the internet router (will be controlled by ISP), the connection from the router will be terminated at the pix outside interface .
present scenario
inside network --> pix -->router -->isp
future scenario
inside network-->pix -->isp
Regards
Vijay Sequeira
11-08-2005 11:24 AM
"show service-policy global" is about as good as it gets.
Of course you can setup other service policies and different class-maps to inspect different protocols. It's not as nice as NBAR, but it may do the trick depending on what you're looking for
11-08-2005 11:44 PM
We are currently using Nbar templates in Cacti(network graphing solution) to find out the percentage of different traffic(ftp, http etc) in the internet link.For NBAR to work we only need to enable the "ip nbar protocol discovery" on the relevant interface and the nbar queries and templates do the rest.
When we change from the current ISP to the other we will not have access to the ISP device located at our premises, The link from the device will be terminated at our fw public interface.
Regards
Vijay Sequeira
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: