Cisco 520-T1 Software Guide - Page 92

Configure Inspection Rules Chapter 8 Configuring a Simple Firewall Configure Inspection Rules Perform these steps to configure firewall inspection rules for all TCP and UDP traffic, as well as specific application protocols as defined by the security policy, beginning in global configuration mode: Step 1 Command or Action ip inspect name inspection-name protocol Example: Router(config)# ip inspect name firewall tcp Router(config)# Purpose Defines an inspection rule for a particular protocol. Step 2 ip inspect name inspection-name protocol Example: Repeat this command for each inspection rule that you wish to use. Router(config)# ip inspect name firewall rtsp Router(config)# ip inspect name firewall h323 Router(config)# ip inspect name firewall netshow Router(config)# ip inspect name firewall ftp Router(config)# ip inspect name firewall sqlnet Router(config)# Apply Access Lists and Inspection Rules to Interfaces Perform these steps to apply the ACLs and inspection rules to the network interfaces, beginning in global configuration mode: Step 1 Command interface type number Example: Router(config)# interface vlan 1 Router(config-if)# Step 2 ip inspect inspection-name {in | out} Example: Router(config-if)# ip inspect firewall in Router(config-if)# Step 3 exit Example: Router(config-if)# exit Router(config)# Purpose Enters interface configuration mode for the inside network interface on your router. Assigns the set of firewall inspection rules to the inside interface on the router. Returns to global configuration mode. Cisco Secure Router 520 Series Software Configuration Guide 8-4 OL-14210-01