IOS Question - Define inet-users

jbhall56 · ‎07-14-2012

I am doing a security assessment of an organization that uses 871/881 routers with the firewall features enabled. I see the following commands defining packet inspection done by the firewall software.

ip inspect name inet-users tcp

ip inspect name inet-users udp

ip inspect name inet-users icmp

What I am trying to define is the inspect name "inet-users". It is obviously a constant defined by IOS as it is not defined anywhere in the configuration file like any other "variable" and does not generate an error.

What does "inet-users" define? I'm assuming it is all users using the interface(s) where the inspect commands are used, but is that correct?

The Cisco IOS manuals do not contain a reference to "inet-users" hence why I'm here asking.

Thank you.

Jeff Hall

McGladrey LLP

Minneapolis, MN

Karsten Iwen · ‎07-14-2012

"inet-users" is the name your the firewall-configuration. You can choose any name you want for this name. Mine are most often just named "FW" ... The name of the inspect-configuration is assigned to an interface to complete the firewall-config:

ip inspect name FW tcp

ip inspect name FW udp

ip inspect name FW icmp

ip inspect name FW ftp

!

interface dialer 0

...

ip inspect FW out

There is much more to configure for the firewall. You find many information on it by searching for the term CBAC (context based access control).