Tuesday, August 6, 2013

CCNA Security - Cisco IOS zone-based policy firewall actions

The Cisco IOS zone-based policy firewall can take three possible actions when you configure it using Cisco SDM:

1. Inspect: This action configures Cisco IOS stateful packet inspection.
2. Drop: This action is analogous to deny in an ACL.
3. Pass: This action is analogous to permit in an ACL. The pass action does not track the state of connections or sessions within the traffic; pass allows the traffic in one direction only. A corresponding policy must be applied to allow return traffic to pass in the opposite direction.
