• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 245
  • Last Modified:

Setting up CBAC

Hi,

       I am haivng trouble setting up CBAC. I practing setting up CBAC because I am going to have to implement it at work in a few days. I am try to monitor a ssh connection. Here is the situation. I currently have an access list applied to Rtra interface s0/0 allowing ssh into RtrA and denys everything else. I want to setup CBAC to monitor the sessions which are established to Rtra using ssh. Below is diagram of my network. If you need the configs for the routers please let me know.
 
 
                                                5.0.2.0/24
       10.1.1.0/24-----------E0/0RtrBS0/0---------S0/0RtrAE0/0-------80.1.1.0/24
 
     
            Thank You,
            Victor
 
0
vreyesii
Asked:
vreyesii
1 Solution
 
FrabbleCommented:
Assuming the access list is correct, you configure an inspect policy with "audit-trail on" for the service you wish to track. For example

ip inspect name WAN-IN ssh audit-trail on

and apply it to the interface ...

interface S0/0
  ip inspect WAN-IN in

You would normally send the information to a syslog server, but to have this appear in the router logs, set up date and time stamping:

service timestamps log datetime msec localtime show-timezone

You also have to set the logging level to 6:

logging buffered 51200 informational

To view:

show logging

For more detail, check out:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fsecur_c/ftrafwl/scfcbac.htm
0
 
vreyesiiAuthor Commented:
Thanks for the help.
0

Featured Post

Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now