A SERVICE OF

logo

21-55
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 21 Managing Zone-based Firewall Rules
Troubleshooting Zone-based Rules and Configurations
H.
class-map type inspect match-any CSM_ZBF_CLASS_MAP_5
match protocol tcp
match protocol udp
!
I.
policy-map type inspect CSM_ZBF_POLICY_MAP_1
class type inspect CSM_ZBF_CLASS_MAP_1
drop
class type inspect CSM_ZBF_CLASS_MAP_2
drop
class type inspect CSM_ZBF_CLASS_MAP_3
drop
class type inspect CSM_ZBF_CMAP_PLMAP_1
inspect
class type inspect CSM_ZBF_CLASS_MAP_4
inspect
service-policy http HTTPpmap
class type inspect CSM_ZBF_CLASS_MAP_5
inspect
class class-default
drop
!
J.
zone security Inside
zone security Outside
zone-pair security CSM_Inside-Outside_1 source Inside destination Outside
service-policy type inspect CSM_ZBF_POLICY_MAP_1
!
interface GigabitEthernet0/1
ip address dhcp
zone-member security Inside
!
interface GigabitEthernet0/2
ip address dhcp
zone-member security Outside
!
K.
ip access-list extended CSM_ZBF_CMAP_ACL_1
permit ip 10.100.10.0 0.0.0.255 any
permit ip 10.100.11.0 0.0.0.255 any
!
L.
ip access-list extended CSM_ZBF_CMAP_ACL_2
permit ip 10.100.12.0 0.0.0.255 any