Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We're having trouble determining whether the ZBF match protocol statements provide deep inspection. For example, the following doesn't appear to actually allow the ephemerous ports to open. Or at least in what I've found to try and test, attempting t...
Short of modifying TCP parameters / timeouts I haven't played with parameter maps much, but I did just see this in the reference: (http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_p1.html#wp1091787)parameter-map type protocol-infoTo...
I haven't tested this, but in theory...You could always put an ethernet loopback in port and trunk it. Spanning tree will block the loop created, but it should keep the SVIs up...
