SECUR Exam Cram™ 2 (Exam 642-501)

Guidelines for Applying CBAC and ACLs

You must apply your CBAC configurations to an interface for traffic to be inspected. Along with applying your named inspection rule to an interface, you must specify the traffic direction that will be inspected. Traffic can be inspected when entering an interface or when exiting an interface. Actually, you can apply CBAC in two directions on the same interface; however, it is rarely done.

The syntax to apply CBAC inspection is

Router(config-if)# ip inspect inspection-name [in | out]

An example that applies CBAC to inspect traffic leaving an interface is shown in Figure 4.10.

Figure 4.10. Applying an outbound inspection rule.

You can also have other services applied to the same interface as CBAC. You could ...

Get SECUR Exam Cram™ 2 (Exam 642-501) now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

SECUR Exam Cram™ 2 (Exam 642-501) by Raman Sud, Ken Edelman

Guidelines for Applying CBAC and ACLs

Figure 4.10. Applying an outbound inspection rule.

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly