When setting up a CBAC (ip inspect) firewall on an IOS router should the "ip inspect" command be placed on the internal interface and use "ip inspect in" or should I use "ip inspect out" on the public or egress interface? What are the pros and cons...
Network Security
Engage with peers and experts on network security topics such as Secure Firewall Threat Defense, Adaptive Security Appliance, Secure Firewall Management Center, and Security Cloud Control.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- Technology and Support
- Security
- Network Security
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Labels
-
AAA
(10) -
Access Control Server (ACS)
(6) -
Access List
(4) -
ACI
(10) -
Advanced Threats
(1) -
AMP for Endpoints
(1) -
AnyConnect
(3) -
APIs
(1) -
Appliances
(18) -
ASA
(1) -
ASR 1000 Series
(1) -
Branch Router
(2) -
Buying Recommendation
(87) -
Catalyst 2000
(1) -
Catalyst 3000
(2) -
Catalyst 4000
(1) -
Catalyst 6000
(1) -
Catalyst 8000
(1) -
Catalyst 9000
(2) -
Catalyst Switch
(3) -
Catalyst Wireless Controllers
(1) -
Cisco
(1) -
Cisco Adaptive Security Appliance (ASA)
(9,620) -
Cisco Bugs
(54) -
Cisco Cafe
(25) -
Cisco CLI Analyzer
(1) -
Cisco Cloud Services Router
(1) -
Cisco Defense Orchestrator (CDO)
(149) -
Cisco Firepower Device Manager (FDM)
(812) -
Cisco Firepower Management Center (FMC)
(2,909) -
Cisco Firepower Threat Defense (FTD)
(3,164) -
Cisco Press Cafe
(1) -
Cisco Secure Firewall Device Management (FDM)
(40) -
Cisco Secure Firewall Management Center (FMC)
(222) -
Cisco Secure Firewall Threat Defense (FTD)
(273) -
Cisco Security Cloud Control
(16) -
Cisco Security Manager (CSM)
(3) -
Cisco Software
(20) -
CISCO START ANZ
(1) -
Cisco Threat Response
(1) -
Cisco Vulnerability Management
(46) -
Cloud
(1) -
Cloud Provisioning
(1) -
Cloud Security
(3) -
Community Bug or Issue
(1) -
Community Feedback Forum
(32) -
Community Ideas
(18) -
Compliance and Posture
(1) -
Crypto
(1) -
CSC Content with No Valid Community to Post
(1) -
CUBE
(1) -
CUCM
(1) -
Data Center Networking
(1) -
Device Admin
(14) -
EEM Scripting
(1) -
Emergency Responder
(1) -
Endpoint Security
(6) -
Enterprise Agreement
(1) -
Event Analysis
(264) -
FirePOWER
(1) -
Firepower Chassis Manager (FCM)
(2) -
Firepower Device Manager (FDM)
(16) -
Firepower Management Center (FMC)
(408) -
Firepower Threat Defense (FTD)
(221) -
Firewall Migration Tool (FMT)
(37) -
Firewalls
(1,171) -
FMC
(1) -
General
(2) -
Guest
(1) -
Identity Services Engine (ISE)
(9) -
IE3300
(1) -
Integrated Security
(8) -
Integrated Security Architecture
(1) -
Integrations
(4) -
Investigation
(2) -
iOS
(1) -
IPS and IDS
(6,579) -
IPS and IDS1
(1) -
IPS-IDS
(1) -
IPSEC
(1) -
IPv6 Configuration
(1) -
ISE
(1) -
LAN Switching
(7) -
License
(324) -
MPLS
(1) -
Multicloud Defense
(3) -
Network Management
(94) -
Network Security
(2) -
Networking
(1) -
NFVIS
(1) -
NGFW Firewalls
(37,589) -
NGIPS
(1,874) -
Online Tools and Resources
(1) -
Open Source and Open Standards
(1) -
Optical Networking
(3) -
Optics
(1) -
Other Automation Analytics Topics
(1) -
Other Collaboration Topics
(1) -
Other Community Feedback
(5) -
Other Firewalls
(1) -
Other IP Telephony
(1) -
Other NAC
(18) -
Other Network
(2) -
Other Network Security Topics
(10,789) -
Other Networking
(9) -
Other Routers
(9) -
Other Routing
(24) -
Other Routing and Switching topics
(2) -
Other Security
(1) -
Other Security Topics
(18) -
Other Switches
(12) -
Other Switching
(4) -
Other VPN Topics
(1) -
Passive Identity
(1) -
Physical Security
(21) -
Policy and Access
(2) -
Prioritization
(3) -
Remote Access
(2) -
Room Endpoints
(1) -
Routing Protocols
(9) -
SD-WAN Security
(1) -
Secure Network Analytics
(1) -
Security
(4) -
Security Management
(642) -
Segmentation
(3) -
Service Providers
(1) -
Small Business Routers
(5) -
Small Business Security
(2) -
Sourcefire
(2) -
Support
(2) -
Threat Containment
(6) -
Threat Defense
(1) -
Threat Grid
(1) -
Unified Computing System (UCS)
(1) -
Voice Gateways
(1) -
VPN
(29) -
VPN and AnyConnect
(1) -
Vulnerability Management
(46) -
WAN
(8) -
Web Security
(5) -
Webex Teams
(1) -
Wired
(3) -
Wireless Security
(1)
- « Previous
- Next »
Forum Posts
Please look at the attached network diagram for your information. I added a command:"same-security-traffic permit intra-interface" on the Internet FW, and I also force the traffic from internal firewall to 172.16.24.22 must pass through Internet FW b...
Hello,I would like to know how can i increase the capacity of conservation of the logs on the ASA 5580 to reach 1 Gigat ByteThank you
please find the attached network setup, and we can connect the server from Internet FW, but not from Internal FW, after troubleshooting, it turned out that the traffic from Internal FW to the server will go to server directly without passing through ...
Hi,I am trying to configure a pair of new ASA'a for transparency and redundancy, they will protect some existing servers who's ip's cannot be changed.I have enabled the multiple context's but cannot manage the ASA's by IP.Below is the config.ASA Vers...
Hello,I have an ASA 5580 and i would like to khnow if this Firewall do a load balancing between server ( Round-Robin, Weighted Round-Robin, Fail-over chaining) . If no what is the equipement that i must add to perform this task.Thank you very match f...
Greetings. This is a very strange problem. I installed a Cisco PIX 525 two months ago, and it is working great. However, a customer came in this morning and reported he is unable to create new Hotmail accounts. Apparently, this has been going on ...
When I power on my PIX 525-UR it stops the boot process when it is showing the interfaces on the screen.I'm sending a screenshot.What could this be?
Resolved! Publidhing Web Server
I have a PIX 515e. My company wants to launch the web site which will serve Internet users as well as internal users. In my web server i have two network cards. My firewall has 3 network interface one is inside, other is outside network and the third...
I canot access my web server. internet explorer shows the message: 503 service unavailable. i'm usingCisco Pix 501
I work on a system that requires management interfaces to logout a user if inactive for a period of time (10 minutes).Is there any way to configure this for the 4215/4240 IDM &/or CLI interfaces?
Greeting allI hope someone has a few ideas here, I have configured dmvpn with ezvpn run running eigrp as the routing protocol running via the created tunnel.This works as expected when the routers at either end of the tunnels do not pass through a AS...
Can someone tell me why v7.2 of the PIX/ASA OS doesn't register hits on an access list used for nat? I always used this on v6 to check the rule was working. The show nat command seems to be a bit random with it's counters as well. Is there another...
In other words, what ASA device is the equivalent or replacement for the Pix 515e device?
Hi,I have a VPN link from a PIX501 at our remote office to a ASA5510 at our main office.Remote Office 192.168.3.0/24, Main Office 10.0.0.0/24.A client on the 10.0.0.0/24 network cannot ping, http or telnet the PIX501 internal interface 192.168.3.1 a...
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Unanswered Topics
| Subject | Author | Posted |
|---|---|---|
| 05-05-2026 09:59 AM | ||
| 05-02-2026 06:09 AM | ||
| 04-30-2026 12:46 AM | ||
| 04-24-2026 07:04 AM | ||
| 04-22-2026 11:56 AM |
New solutions
Top Solution Authors
| User | Count |
|---|---|
| 9 | |
| 2 | |
| 2 | |
| 1 | |
| 1 |
