Pages

Wednesday, March 5, 2014

Configuring Context-Based Access Control (CBAC)

R3

!----Task 1: Block Traffic From Outside
!--Step 2. Configure a named IP ACL on R3 to block all traffic originating from the outs ide network.
!
ciscoconpa55
enable
ciscoenpa55
Configure terminal
!
ip access-list extended OUT-IN
deny ip any any
exit
!
!--Step 3. Apply the ACL to interface Serial 0/0/1.
!
interface s0/0/1
ip access-group OUT-IN in
!
!----Task 2: Create a CBAC Inspection Rule
!--Step 1. Create an inspection rule to inspect ICMP, Telnet, and HTTP traffic.
!
ip inspect name IN-OUT-IN icmp
ip inspect name IN-OUT-IN telnet
ip inspect name IN-OUT-IN http
!
!--Step 2. Turn on time-s tamped logging and CB AC audit trail mes s ages .
!
ip inspect audit-trail
service timestamps debug datetime msec
logging host 192.168.1.3
!
!--Step 3. Apply the inspection rule to egress traffic on interface S 0/0/1.
!
interface s0/0/1
ip inspect IN-OUT-IN out
!
!----Task 3: Verify Firewall Functionality
!--Step 1. Open a Telnet session from PC-C to R2.
!
exit
exit
show ip inspect sessions

!Established Sessions
! Session 125752368 (192.168.3.3:1025)=>(10.2.2.2:23) telnet SIS_OPEN

!What is the source IP address and port number?
!192.168.3.3:1031 (port 1025 is random)
!
!What is the destination IP address and port number?
!10.1.1.2:23 (Telnet = port 23)
!
!--Step 2. From PC-C, open a web browser to the PC-A server webpage using the server IP address .
!
show ip inspect sessions
!
!Established Sessions
!Session 104637440 (192.168.3.3:1025)=>(192.168.1.3:http SIS_OPEN

!What is the source IP address and port number?
!192.168.3.3:1027 (port 1025 is random)
!
!What is the destination IP address and port number?
!192.168.1.3:80 (HTTP web = port 80)
!
!--Step 3. View the interface configuration and inspection rule timers .
!
show ip inspect interfaces
!
!----Task 4: Review CBAC Configuration
!--Step 1. Dis play CB AC configuration.
!
show ip inspect config
!
!--Step 2. Display real-time output that can be used for troubles hooting.
!
debug ip inspect detailed
!
at
Labels:

1 comment:

  1. AnonymousJanuary 31, 2022 at 2:53 PM

    1xBet Korean | sportsbook and casino review | Legalbet
    A 1xbet review of the 메리트 카지노 주소 1xBet 샌즈카지노 Korean bookmaker. The quality of the betting lines and bonuses. Also, reviews the sportsbook.

    ReplyDelete

Subscribe to: Post Comments (Atom)