Test and Verify

Sep 10, 2009 by alperen

Use the privileged EXEC mode command show ip inspect with its various options to view CBAC configuration and session information. The syntax is:

Rtr1#show ip inspect {name inspection-name | config | interfaces | session [detail] | all}

name inspection-name   Shows the configuration of the named inspection rule set: the protocols inspected and the idle timeout for each.

config                 Shows the complete CBAC inspection configuration.

interfaces             Shows interface configuration for applied inspection rules and ACLs.

session [detail]       Shows existing CBAC inspection sessions. The optional detail keyword displays more information about each session.

all                    Shows all CBAC configuration and all sessions being tracked and inspected by CBAC.

This command was introduced in IOS 11.2 P.

The following example shows sample output for the show ip inspect name testinspect command, where testinspect is the inspection rule set. The output shows the protocols as inspected by CBAC and the idle timeouts for each.

Rtr1#show ip inspect name testinspect
Inspection Rule Configuration
Inspection name testinspect
   tcp timeout 3600
   udp timeout 90
   ftp timeout 2400

The following, which is sample output for the show ip inspect config command, shows CBAC configuration, including global timeouts, thresholds, and inspection rules:

Rtr1#show ip inspect config
Session audit trail is disabled
one-minute (sampling period) thresholds are [500:750] connections
max-incomplete sessions thresholds are [500:750]
max-incomplete tcp connections per host is 50. Block-time 0 minute.
tcp synwait-time is 30 sec -- tcp finwait-time is 5 sec
tcp idle-time is 3600 sec -- udp idle-time is 90 sec
dns-timeout is 5 sec
Inspection Rule Configuration
Inspection name testinspect
   tcp timeout 3600
   udp timeout 90
   ftp timeout 2400

This output demonstrates the show ip inspect interfaces command:

Rtr1#show ip inspect interfaces
Interface Configuration
Interface Ethernet0
 Inbound inspection rule is testinspect
   tcp timeout 3600
   udp timeout 90
   ftp timeout 2400
 Outgoing inspection rule is not set
 Inbound access list is not set
 Outgoing access list is not set

This output demonstrates the show ip inspect sessions command. It shows an FTP control session and its associated ftp-data session, with the source and destination addresses and port numbers (address and port separated by a colon):

Rtr1#show ip inspect sessions
Established Sessions
Session 25A3318 (192.168.0.17:20)=>(192.168.1.9:47091) ftp-data SIS_OPEN
Session 25A6E1C (192.168.1.9:47098)=>(192.168.0.17:21) ftp SIS_OPEN

This output demonstrates the show ip inspect sessions detail command, including times, number of bytes sent, and which access lists are applied:

Rtr1#show ip inspect sessions detail
Established Sessions
Session 25A335C (192.168.0.17:20)=>(192.168.1.9:47091) ftp-data SIS_OPEN
  Created 00:00:07, Last heard 00:00:00
  Bytes sent (initiator:responder) [0:3416064] acl created 1
  Inbound access-list 100 applied to interface Ethernet0
Session 25A6E1C (192.168.1.9:47098)=>(192.168.0.17:21) ftp SIS_OPEN
  Created 00:01:34, Last heard 00:00:07
  Bytes sent (initiator:responder) [196:616] acl created 1
  Inbound access-list 100 applied to interface Ethernet0
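When this verification is scripted rather than read by eye, the detail output above is easy to parse into records that can be checked or logged. The following is an added example, not part of the original article or of Cisco IOS: it parses the sample "show ip inspect sessions detail" output (embedded here as constructed input) and lists the open sessions for which CBAC has created a temporary entry through the interface ACL. The field names and the open_return_paths helper are this example's own choices.

```python
import re

# Constructed sample input: the "show ip inspect sessions detail" output above.
SAMPLE = """\
Established Sessions
Session 25A335C (192.168.0.17:20)=>(192.168.1.9:47091) ftp-data SIS_OPEN
  Created 00:00:07, Last heard 00:00:00
  Bytes sent (initiator:responder) [0:3416064] acl created 1
  Inbound access-list 100 applied to interface Ethernet0
Session 25A6E1C (192.168.1.9:47098)=>(192.168.0.17:21) ftp SIS_OPEN
  Created 00:01:34, Last heard 00:00:07
  Bytes sent (initiator:responder) [196:616] acl created 1
  Inbound access-list 100 applied to interface Ethernet0
"""

# One regex per line type in the detail output.
SESSION_RE = re.compile(r"^Session (?P<id>[0-9A-Fa-f]+) \((?P<src>[\d.]+):(?P<sport>\d+)\)=>"
                        r"\((?P<dst>[\d.]+):(?P<dport>\d+)\) (?P<proto>\S+) (?P<state>\S+)$")
TIMES_RE = re.compile(r"^Created (\S+), Last heard (\S+)$")
BYTES_RE = re.compile(r"^Bytes sent \(initiator:responder\) \[(\d+):(\d+)\] acl created (\d+)$")
ACL_RE = re.compile(r"^(Inbound|Outgoing) access-list (\S+) applied to interface (\S+)$")

def hms_to_seconds(text):
    """Convert an IOS hh:mm:ss age such as '00:01:34' to seconds."""
    h, m, s = (int(x) for x in text.split(":"))
    return h * 3600 + m * 60 + s

def parse_sessions(output):
    """Return one dict per CBAC session, with its indented detail lines folded in."""
    sessions = []
    for line in (raw.strip() for raw in output.splitlines()):
        if m := SESSION_RE.match(line):
            cur = m.groupdict()
            cur["sport"], cur["dport"] = int(cur["sport"]), int(cur["dport"])
            cur["acls"] = []
            sessions.append(cur)
        elif not sessions:
            continue  # header lines such as "Established Sessions"
        elif m := TIMES_RE.match(line):
            cur["created_s"], cur["last_heard_s"] = map(hms_to_seconds, m.groups())
        elif m := BYTES_RE.match(line):
            cur["bytes_initiator"], cur["bytes_responder"], cur["acl_created"] = map(int, m.groups())
        elif m := ACL_RE.match(line):
            cur["acls"].append({"direction": m.group(1), "acl": m.group(2), "interface": m.group(3)})
    return sessions

def open_return_paths(sessions):
    """Open sessions for which CBAC has added a temporary entry through the interface ACL."""
    return [(s["acls"][0]["acl"] if s["acls"] else None, s["proto"], s["src"], s["dst"], s["dport"])
            for s in sessions if s["state"] == "SIS_OPEN" and s.get("acl_created", 0) > 0]
```

Comparing the parsed Last heard ages against the idle-time values from show ip inspect config is a quick way to confirm that the global timeouts in effect match what was intended.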
