amanzoor
asked on
Cisco cbac ios firewall 2811
Hi,
What is the command to allow an external IP (v.v.v.v) which belongs to my ISP to pass through my access list 101. Infact I do not want any of my inbound or outbound rules to check the traffic from this external ip address?
Help
What is the command to allow an external IP (v.v.v.v) which belongs to my ISP to pass through my access list 101. Infact I do not want any of my inbound or outbound rules to check the traffic from this external ip address?
Help
please show the config
ASKER
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Anything you permit in your inbound access list will not be inspected.
ASKER
ikalmar:
THanks
mikebernhardt:
I have access list 101 only, this is exactly what I want 'Anything you permit in your inbound access list will not be inspected".............Is my 101 also checking the inbound?
THanks
mikebernhardt:
I have access list 101 only, this is exactly what I want 'Anything you permit in your inbound access list will not be inspected".............Is my 101 also checking the inbound?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Just for your edification, if you "show access-list 101" while you have inspected traffic running through that interface, you will see that the list has additional entries that you didn't put there. They will come and go as the router times out dead sessions.