The show ip inspect command family can be used by
administrators to test and verify a CBAC installation
. The syntax for
the show ip inspect command is shown in Figures
and
.
debug Commands To display messages about CBAC
events, use the debug ip inspect EXEC command. The no form
of this command disables debugging output. The syntax for the debug ip
inspect command is shown in Figure
.
Remove
the CBAC Configuration Use the no ip inspect
command to remove the entire CBAC configuration
. This command
will also reset all global timeouts and thresholds to their defaults, delete
all existing sessions, and remove all associated dynamic ACLs. This command has
no other arguments, keywords, default behavior, or values.
In this lab, students will
understand how CBAC enables a router-based firewall. Students will configure a
simple firewall including CBAC using the Security Device Manager (SDM).
Students will then learn to configure a simple firewall including CBAC and RFC
Filtering using the IOS CLI. Students will also test and verify CBAC
operation.