已解决: 大佬们求帮忙看看这些防火墙的配置的含义

一个小白小白小白 · ‎04-18-2022

各位大佬麻烦帮忙看一下如下配置：哪些是默认配置呢，如果不是默认配置，那代表的含义是什么呢！虚心求教！

timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local

ip audit info action alarm
ip audit attack action alarm

再次感谢各位大佬！

ilay · ‎04-19-2022

timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute

1.这些是防火墙定义针对一些协议的定义的timeout 时间，基本上算是默认值（可以在全局模式通过timeout ?查看各协议的默认值）

aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local

2.这一部分是定义的aaa-server的设置，属于自己添加的内容，

ip audit info action alarm
ip audit attack action alarm

3. 这个是防火墙IDS功能针对info信息和attack启用log 告警，

在原帖中查看解决方案

YilinChen · ‎04-18-2022

看着没啥问题，你可以认为是默认配置；

ilay · ‎04-19-2022

timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute

1.这些是防火墙定义针对一些协议的定义的timeout 时间，基本上算是默认值（可以在全局模式通过timeout ?查看各协议的默认值）

aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ max-failed-attempts 3
aaa-server TACACS+ deadtime 10
aaa-server RADIUS protocol radius
aaa-server RADIUS max-failed-attempts 3
aaa-server RADIUS deadtime 10
aaa-server LOCAL protocol local

2.这一部分是定义的aaa-server的设置，属于自己添加的内容，

ip audit info action alarm
ip audit attack action alarm

3. 这个是防火墙IDS功能针对info信息和attack启用log 告警，