https://community.cisco.com/t5/network-security/understanding-zbf/m-p/645521#M1030407 <P>Hello,</P><P>I'm using the zone-based policy firewall in my 2610XM running IOS 12.4(11)T. I want to block certain ports outbond. But I also have to inspect tcp and udp. To, the acls are not applied, because als outbound traffic is allowed when I inspect those protocols tcp and udp?</P><P>Attached is my running config. I've read the Cisco documentation about ZBF but that's a point which I don't understand. Maybe someone could explain it to me?</P><P></P><P>edit: I need to edit my incoming acl for vpn traffic. I've tried to allow ipsec traffic only, but it didn't work. </P><P></P><P></P><P> </P><P></P> Mon, 11 Mar 2019 09:12:36 GMT simon 2019-03-11T09:12:36Z https://community.cisco.com/t5/network-security/understanding-zbf/m-p/645521#M1030407 <P>Hello,</P><P>I'm using the zone-based policy firewall in my 2610XM running IOS 12.4(11)T. I want to block certain ports outbond. But I also have to inspect tcp and udp. To, the acls are not applied, because als outbound traffic is allowed when I inspect those protocols tcp and udp?</P><P>Attached is my running config. I've read the Cisco documentation about ZBF but that's a point which I don't understand. Maybe someone could explain it to me?</P><P></P><P>edit: I need to edit my incoming acl for vpn traffic. I've tried to allow ipsec traffic only, but it didn't work. </P><P></P><P></P><P> </P><P></P> Mon, 11 Mar 2019 09:12:36 GMT https://community.cisco.com/t5/network-security/understanding-zbf/m-p/645521#M1030407 simon 2019-03-11T09:12:36Z https://community.cisco.com/t5/network-security/understanding-zbf/m-p/645522#M1030408 <HTML><HEAD></HEAD><BODY><P>What is the version of IOS which you are using in the cisco box ?</P></BODY></HTML> Fri, 29 Dec 2006 14:27:07 GMT https://community.cisco.com/t5/network-security/understanding-zbf/m-p/645522#M1030408 p.krane 2006-12-29T14:27:07Z https://community.cisco.com/t5/network-security/understanding-zbf/m-p/645523#M1030409 <HTML><HEAD></HEAD><BODY><P>12.4(11)T</P></BODY></HTML> Fri, 29 Dec 2006 20:02:56 GMT https://community.cisco.com/t5/network-security/understanding-zbf/m-p/645523#M1030409 simon 2006-12-29T20:02:56Z https://community.cisco.com/t5/network-security/understanding-zbf/m-p/645524#M1030410 <HTML><HEAD></HEAD><BODY><P>Is no one using zbf?</P></BODY></HTML> Sat, 06 Jan 2007 10:52:05 GMT https://community.cisco.com/t5/network-security/understanding-zbf/m-p/645524#M1030410 simon 2007-01-06T10:52:05Z https://community.cisco.com/t5/network-security/understanding-zbf/m-p/645525#M1030411 <HTML><HEAD></HEAD><BODY><P>*push*</P></BODY></HTML> Sat, 20 Jan 2007 12:35:43 GMT https://community.cisco.com/t5/network-security/understanding-zbf/m-p/645525#M1030411 simon 2007-01-20T12:35:43Z https://community.cisco.com/t5/network-security/understanding-zbf/m-p/645526#M1030412 <HTML><HEAD></HEAD><BODY><P>I'm using it, but not sure I understand your question?</P></BODY></HTML> Tue, 27 Jan 2009 23:13:24 GMT https://community.cisco.com/t5/network-security/understanding-zbf/m-p/645526#M1030412 sdniel 2009-01-27T23:13:24Z