[c-nsp] zone based FW -- inside to inside
Oliver Garraux
oliver at g.garraux.net
Wed Feb 22 14:12:56 EST 2012
On Wed, Feb 22, 2012 at 8:28 AM, Chris Mason <chris at noodles.org.uk> wrote:
>> when you do zone based firewalling on an ISR router..... traffic from one
>> inside interface to another inside interface should not be affected by the
>> firewall correct?
>
> That is my understanding as long as the traffic is intra-zone and not
> inter-zone (i.e. between interfaces within the same zone).
I think you can create intra-zone policies in some of the newer
versions of IOS. I'm not sure what specific version that feature was
added in though.
Oliver
More information about the cisco-nsp
mailing list