23-5
Cisco 7600 Series Router Cisco IOS Software Configuration Guide—12.1E
78-14064-04
Chapter 23 Configuring Network Security
Configuring the Cisco IOS Firewall Feature Set
• Firewall Configuration Guidelines and Restrictions, page 23-6
• Configuring CBAC on Cisco 7600 Series Routers, page 23-6
Cisco IOS Firewall Feature Set Support Overview
The firewall feature set images support these Cisco IOS firewall features:
• Context-based Access Control (CBAC)
• Port-to-Application Mapping (PAM)
• Authentication Proxy
These are the firewall feature set image names:
• c6sup22-jo3sv-mz
• c6sup22-po3sv-mz
• c6sup12-jo3sv-mz
• c6sup12-po3sv-mz
For more information about Cisco IOS firewall features, refer to the Cisco IOS Security Configuration
Guide, Release 12.1, “Traffic Filtering and Firewalls” online publications:
• The “Cisco IOS Firewall Overview” chapter at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secur_c/scprt3/scdfirw
l.htm
• The “Configuring Context-Based Access Control” chapter at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secur_c/scprt3/scdcbac
.htm
• The “Configuring Authentication Proxy” chapter at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secur_c/scprt3/scdauth
p.htm
• Cisco IOS Security Command Reference publication at this URL:
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secur_r/index.htm
The following features are supported with and without the use of a Cisco IOS firewall image:
• Standard access lists and static extended access lists
• Lock-and-key (dynamic access lists)
• IP session filtering (reflexive access lists)
• TCP intercept
• Security server support
• Network address translation
• Neighbor router authentication
• Event logging
• User authentication and authorization
To Next Page
Loading...
Need help?
General
