Cisco 7604 Configuration Manual page 462
Catalyst 6500 series switch and cisco 7600 series router firewall services module configuration guide using the cli
Hide thumbs
Also See for 7604:
- Configuration manual (1011 pages) ,
- Installation manual (324 pages) ,
- User manual (98 pages)
Table of Contents
Advertisement
GTP Inspection
interface Vlan9
nameif outside
security-level 0
ip address 209.165.201.41 255.255.255.0 standby 209.165.201.40
!
passwd 2KFQnbNIdI.2KYOU encrypted
same-security-traffic permit inter-interface
object-group network GGSNS ================================configured object group to
define GGSNs
network-object host 10.4.1.32
network-object host 10.4.1.33
object-group network SGSNS =================================configured object group to
define SGSNs
network-object host 10.5.1.1
object-group network servers
network-object 10.2.1.0 255.255.255.0
network-object host 10.6.1.25
network-object host 10.6.1.26
network-object host 10.6.1.27
network-object host 10.4.1.32
network-object host 10.4.1.33
object-group network clients
network-object 10.6.1.0 255.255.255.0
network-object host 10.5.1.1
access-list gtpacl extended permit udp any any eq 2123
access-list gtpacl extended permit udp any any eq 3386
access-list gtpacl extended permit icmp any any
access-list gtpacl extended permit udp any any
access-list gtpacl extended permit tcp any any eq www
access-list gtpacl extended permit tcp any any eq ftp
access-list gtpacl extended permit tcp any any eq telnet
access-list gtpacl extended permit tcp any any eq ssh
access-list 112 extended permit tcp object-group servers object-group clients eq www
access-list 112 extended permit tcp object-group servers object-group clients eq https
access-list 112 extended permit tcp object-group servers object-group clients eq ftp
access-list 112 extended permit tcp object-group servers object-group clients eq telnet
access-list 112 extended permit udp object-group servers object-group clients eq 3386
access-list 112 extended permit udp object-group servers object-group clients eq 2123
access-list 112 extended permit tcp object-group servers object-group clients eq ssh
!
gtp-map GTPMAP ============================================================configured GTP
map to include the permit response cli
permit response to-object-group SGSNS from-object-group GGSNS
permit errors
!
pager lines 24
logging enable
logging timestamp
logging buffered debugging
mtu mgmt 1500
mtu inside 1500
mtu outside 1500
monitor-interface inside
monitor-interface outside
icmp permit any mgmt
icmp permit any inside
icmp permit any outside
asdm history enable
arp timeout 14400
nat-control
no xlate-bypass
static (outside,inside) 10.5.1.1 10.5.1.1 netmask 255.255.255.255
static (inside,outside) 10.4.1.31 10.4.1.31 netmask 255.255.255.255
static (inside,outside) 10.4.1.32 10.4.1.32 netmask 255.255.255.255
Catalyst 6500 Series Switch and Cisco 7600 Series Router Firewall Services Module Configuration Guide using ASDM
22-46
Chapter 22
Applying Application Layer Protocol Inspection
OL-20748-01
- Quick Links:
- C H a P T E...
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
