Zone-Based Policy Firewall Status - Cisco ROUTER-SDM-CD User Manual

Zone-Based Policy Firewall Status

Update button
Zone-Based Policy Firewall Status
Firewall Policy List Area
Zone Pair Name
wan-dmz-in
wan-dmz-out
View Interval
Cisco Router and Security Device Manager 2.5 User's Guide
42-10
Destination IP Address—The IP address of the packet's destination host.
•
Protocol—The network protocol being examined.
•
Match Count—The number of packets matching the firewall conditions.
•
Click this button to refresh the firewall sessions in the table and display the most
current data from the router.
If the router runs a Cisco IOS image that supports the Zone-Based Policy Firewall
feature, you can display the status of the firewall activity for each zone pair
configured on the router.
The firewall policy list area displays the policy name, source zone, and destination
zone for each zone pair. The following table contains sample data for two zone
pairs.
Policy Name
pmap-wan
pmap-dmz
In this sample table there is a zone pair configured for traffic inbound to the DMZ,
and traffic outbound from the DMZ.
Choose the zone pair that you want to display firewall statistics for.
Choose one of the following options to specify how data should be collected:
Real-time data every 10 sec—Data is reported every 10 seconds. Each tick
•
mark on the horizontal axis of the Dropped Packets and Allowed Packets
graph represents 10 seconds.
Chapter 42
Source Zone
zone-wan
zone-dmz
Viewing Router Information
Destination Zone
zone-dmz
zone-wan
OL-4015-12