Cisco - Zone Policy Actions (pass, inspect, drop, log) - What is the difference?

Posted by Jonathan Rioux on Server Fault See other posts from Server Fault or by Jonathan Rioux
Published on 2012-05-30T20:10:48Z Indexed on 2012/05/30 22:43 UTC
Read the original article Hit count: 212

Filed under:
|

Have these commands for instance:

policy-map type inspect IN-OUT_PlcyMAP
 class type inspect IN-OUT_ClassMAP
  inspect   <------

policy-map type inspect IN-OUT_PlcyMap
 class type inspect IN-OUT_ClassMAP
  pass     <------


zone security INSIDE
zone security OUTSIDE
zone-pair security IN->OUT source INSIDE destination OUTSIDE
 service-policy type inspect IN-OUT_PlcyMAP

What is the difference between "inspect", "pass", "drop", "log", and "reset ?

I could not found any information on this on Google.

© Server Fault or respective owner

Related posts about firewall

Related posts about cisco