Cisco 7604 Configuration Manual page 431
Catalyst 6500 series switch and cisco 7600 series router firewall services module configuration guide using the cli
Hide thumbs
Also See for 7604:
- Configuration manual (1011 pages) ,
- Installation manual (324 pages) ,
- User manual (98 pages)
Table of Contents
Advertisement
Chapter 22
Applying Application Layer Protocol Inspection
Figure 22-3
PC (Inside)
10.0.0.23/8
See the following configuration for this example:
firewall transparent
!
interface Vlan50
nameif inside
bridge-group 1
security-level 100
!
interface Vlan100
nameif outside
bridge-group 1
security-level 0
!
interface BVI1
ip address 10.0.0.30 255.0.0.0
!
access-list voice extended permit tcp any any eq ctiqbe
access-list voice extended permit tcp any any eq h323
access-list voice extended permit tcp any any eq 1503
!
access-group voice in interface inside
access-group voice in interface outside
!
policy-map global_policy
class inspection_default
inspect ctiqbe
!
To allow successful collaboration and application sharing, TCP ports 1503 and 1720 must be allowed to
Note
pass through.
The following is sample output for the show conn detail command:
hostname# show conn detail
25 in use, 33 most used
Flags: A - awaiting inside ACK to SYN,a - awaiting outside ACK to SYN
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
OL-20748-01
Single Transparent Firewall for Cisco IP SoftPhone (Virtual Conference) with
NetMeeting
Single transparent with CTIQBE inspection
(with collaboration settings set to "NetMeeting")
Firewall
Service Module
(FWSM)
vlan50
B - initial SYN from outsideC - CTIQBE media, D - DNS, d - dump,
vlan100
PC (Outside)
10.0.0.21/8
M
10.0.0.101/8
CallManager 3.3
CTIQBE Inspection
22-15
- Quick Links:
- C H a P T E...
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
