Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1156
Views
0
Helpful
2
Replies

IP Inspect on a 3560 IOS

aweise
Level 1
Level 1

‎03-05-2012 12:04 PM - edited ‎03-07-2019 05:21 AM

Hi all,

I have a need to use a 3560 switch to terminate a provider's internet connection, but want to secure it so that it and the vlans connected to it are not wide open. At the same time, I'd like to use stateful packet inspection.

I have IOS 12.2(44)SE2, but IPBASE running on my 3560s. Is there an IOS (perhaps the ADVIPSERVICES of that version?) that allows a 3560 to use the 'ip inspect' command?

Labels:
0 Helpful
2 Replies 2

Peter Paluch
Cisco Employee
Cisco Employee

‎03-05-2012 01:58 PM

Hello,

To my best knowledge, IP Inspect is not supported in any IOS feature set available for Catalyst 3560 and personally, I do not foresee this feature to be supported on this platform. Deep stateful packet inspection on multilayer switches would require specialized ASICs to perform these operations at the sufficient speed. The lowest Catalyst platform appearing to support the IP Inspect (CBAC) is the 4500 with the Access Gateway Module (AGM) installed (which is EOL since 2004) and 6500.

Sorry to disappoint you here.

Best regards,

Peter

0 Helpful

Jeff Van Houten
Level 5
Level 5

‎03-05-2012 06:32 PM

you want a router not a layer 3 switch.

Sent from Cisco Technical Support iPad App

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card